In a concerning development, an ‘established’ threat actor has asserted possession of a staggering two million data records stolen from the Egyptian Ministry of Health and Population.
Furthermore, the claim emerged on the hacker forum Popürler and quickly caught the attention of cyber threat intelligence provider SOCRadar and dark web monitoring firm Falcon Feeds on July 25, 2023.
According to the threat actor’s post, the compromised database contains extensive personal patient information, leaving millions vulnerable. The exposed data includes names, IDs, decision and national numbers, phone numbers, addresses, procedure classification details, diagnoses, and treatment specifics. To substantiate the alarming claim, the hacker presented a sample dataset comprising information on 1000 individuals.
Additionally, this threat actor, previously linked to selling databases supposedly sourced from Indonesian entities, is suspected of pursuing financial gains through these illicit activities. Directing potential buyers to contact them via the encrypted messaging app Telegram, the hacker’s actions are likely motivated by profit-seeking incentives.
At the same time, this data breach represents a significant cybersecurity incident, potentially exposing sensitive healthcare information of millions. The authorities and cybersecurity agencies must respond swiftly to contain the situation and mitigate potential harm to individuals affected by the breach.
Finally, organizations and individuals must remain vigilant and implement robust security measures to safeguard sensitive data in an ever-evolving threat landscape.