

The Largest Data Breaches In The Middle East

According to an IBM report, the cost of cybersecurity incidents in the Middle East reached a new high of $6.93 million per data breach in 2021.




The Middle East aspires to become the global digital hub, and countries like the United Arab Emirates, Saudi Arabia, and Qatar are already leading various global rankings of ICT Indicators, including mobile broadband speeds and social media use frequency. However, the growing digitalization of the MENA region has made it an attractive target for cybercriminal activity.

According to an IBM report, which studied 500 breached organizations from across the world, the cost of cybersecurity incidents in the Middle East reached a new high of $6.93 million per data breach in 2021, significantly exceeding the global average cost of $4.24 million per incident.

To help you see behind cybersecurity statistics and understand the reality of data breaches in the Middle East, we’ve put together this list of some of the largest data breaches that have occurred in the region. These breaches have affected various industries and have together resulted in the compromise of millions of sensitive personal and business records.

2021 – Moorfields Eye Hospital Dubai Attacked By A Ransomware Group


What Happened: The ransomware group AvosLocker attacked Moorfields Eye Hospital Dubai in 2021 and successfully downloaded over 60 GB of data that was stored on its servers, including copies of ID cards, accounting documents, call logs, and internal memos. The attackers then encrypted the original information and demanded a ransom, threatening to leak the data if the hospital did not pay.

How It Happened: After conducting a detailed investigation of the incident, Moorfields Eye Hospital Dubai determined that the ransomware that encrypted its data was either sent in an email or distributed via a malicious ad.

Implications: As unfortunate as it is, ransomware attacks on hospitals and other healthcare providers are fairly common. Luckily, this particular attack didn’t paralyze any critical systems whose unavailability would endanger patients’ lives. Still, attacks like this one are a significant concern for healthcare organizations, and keeping them at bay must be a top priority.

2020 – UAE Police Data Listed For Sale On A Web Database Marketplace


What Happened: When researching the darkest corners of the internet in 2020, security firm CloudSEK discovered that a data set containing the personal information of 25,000 UAE police officers was up for sale on a darknet market for $500, with multiple samples made available for free to attract buyers.

How It Happened: To this day, it’s not known how the data breach happened. It’s possible that someone with legitimate access to the data was contacted by cybercriminals with an offer they failed to resist. Of course, a cybersecurity vulnerability or phishing are other potential causes.

Implications: Any sale of personal information of police officers and other public servants has serious implications for national security, and it can also undermine public trust in law enforcement agencies and their ability to protect personal data against cybercriminals.

2019 – Dubai-Based Exhibition Firm Hacked And Its Clients Targeted


What Happened: In 2019, the email server of Cheers Exhibition, a Dubai-based exhibition firm, was hacked. The attacker then used their privileged access to target Cheers Exhibition’s customers, scamming one of them out of $53,000.

How It Happened: We don’t know which exploit or vulnerability the attacker used to infiltrate the email server, but we know that the attacker created highly convincing spoofed emails with wire transfer instructions and fake invoices. The biggest sign of fraud was the use of the “[email protected]” email address instead of “[email protected].”

Implications: Phishing attacks like the one that targeted Cheers Exhibition clients are among the most widespread cyber threats in the world, and they continue to be surprisingly effective because people still don’t pay enough attention to signs of phishing. Additionally, phishing scams are becoming more and more sophisticated, increasingly often taking the form of highly targeted spear-phishing scams.

2018 – Personal Data Of Lebanese Citizens Living Abroad Leaked


What Happened: During the months leading up to Lebanon’s general elections in May 2018, the personal data of Lebanese citizens living abroad was leaked by Lebanese embassies. The leaked information included the full name of each voter, their dates of birth, addresses, religion, marital status, and more.

How It Happened: This unfortunate data breach happened because embassy officials sent an email message to Lebanese citizens living abroad with a spreadsheet containing the personal information of more than 5,000 people. As if that wasn’t bad enough, the email addresses of those who received the spreadsheet were entered in the Cc field instead of the Bcc field, making them clearly visible.

Implications: It’s estimated that approximately 19 percent of data breaches are caused by human error, and this data breach serves as a great example of how far-reaching the consequences of neglecting fundamental cybersecurity best practices can be.

2018 – Ride-Hailing Service Careem Breached And 15 Million Users Exposed


What Happened: Careem is a Dubai-based ride-hailing service that currently operates in around 100 cities across 12 countries. In 2018, the service revealed that the account information of 14 million of its drivers and riders had been exposed.

How It Happened: White-hat hackers and bounty hunters had been finding serious security weaknesses in the Careem app since at least 2016. Apparently, the ride-hailing service kept ignoring them until its drivers and riders paid the price. It then kept quiet about the breach for three months before it finally issued a public announcement.

Implications: The exposure of the personal information of 14 million Careem users, including names, email addresses, phone numbers, and trip data, raises concerns about the security practices of the apps we rely on every day, and it also highlights the importance of prompt and transparent communication in the event of a data breach.

2016 – Database With The Personal Data Of 50 Million Turkish Citizens Posted Online


What Happened: An anonymous hacker posted a government database containing the personal data of 50 million Turkish citizens on a torrent site, allowing anyone to download the roughly 1.4 GB compressed file. Included with the database was a message taunting the Turkish government and its approach to cybersecurity.

How It Happened: The anonymous hacker who uploaded the database revealed that poor data protections — namely a hardcoded password — were the main reason why they were able to obtain it in the first place. Hardcoded passwords are sometimes used as a means of authentication by applications and databases, but their use is generally considered to be a bad practice because they can lead to data breaches.

Implications: Governments store more information about their citizens than ever before, so it’s their responsibility to adequately protect it. Any failure to do so could potentially have far-reaching consequences for those in power as well as those who elected them.

2016 – Qatar National Bank (QNB) Breach Exposed Troves Of Customer Data


What Happened: In April 2016, the whistleblower site Cryptome became home to a large collection of documents from Qatar National Bank. The leak comprised more than 15,000 files, including internal corporate documents and sensitive financial data of the bank’s thousands of customers, such as passwords, PINs, and payment card data.

How It Happened: The cause of the Qatar National Bank breach remains unknown. It’s certain, however, that the attacker must have obtained privileged access to the bank’s internal network; otherwise, they wouldn’t have been able to steal nearly 1 million payment card numbers together with expiration dates, credit limits, cardholder details, and other account information.

Implications: The breach highlighted the need for stronger cybersecurity measures in the financial sector and underscored the importance of maintaining robust security practices to prevent unauthorized access to sensitive financial data. Fortunately, the bank enforced multi-factor authentication, preventing attackers from using the stolen customer data to make unauthorized transactions.

2012 – Saudi Arabian Oil Company (Aramco) Compromised By Iran


What Happened: In retaliation against the Al-Saud regime, an Iran-backed hacking group called the “Cutting Sword of Justice” wiped data from approximately 35,000 computers belonging to Aramco, a Saudi Arabian public petroleum and natural gas company based in Dhahran.

How It Happened: The hacking group used malware called Shamoon, which is designed to spread to as many computers on the same network as possible and, ultimately, make them unusable by overwriting the master boot record.

Implications: The attack on Aramco in 2012 demonstrated the potential of nation-states and state-sponsored groups to use cyber warfare to target critical infrastructure and disrupt a nation’s economy. Since then, multiple other attacks on critical infrastructure have occurred, perhaps the most notable of which is the Colonial Pipeline ransomware attack of 2021.




Big Tech Knows Too Much. More Regulation Is The Answer

Despite claiming otherwise, Big Tech still shares your data with third parties, and the only thing that can stop them is stricter regulations.




It’s 2023, and pretty much everyone has access to the internet. As we’ve become more reliant on the internet and other smart devices, we’ve also grown increasingly accustomed to companies collecting our data in the background. It’s also not uncommon to hear of cases where customer data is being misused. This raises the question: what is Big Tech doing with so much data?

The answer, we’re afraid, is complicated.

Carefully Curated Experiences

You’re probably familiar with the concept of creating a “personalized experience”. You might also be aware that providing a user with a personalized experience involves knowing what their interests are (what they appreciate or dislike), and the best way to find out a user’s interests is, you guessed it, to check their online activity.

Collecting user data to personalize services is ubiquitous on the internet. It’s seen on social media platforms, video sharing sites like YouTube, and even e-commerce platforms like Amazon. These services use your browsing data to recommend content that they think you might appreciate, and admittedly, this approach works pretty well. Let’s be honest, no one wants to be bombarded with irrelevant content. People appreciate familiarity, and getting content that they can relate to makes for a far more enjoyable user experience. Plus, it’s these personalized content recommendations that make social media platforms like TikTok so addictive, and so profitable.

This form of data collection isn’t such a big deal, so long as these corporations are transparent about what data they’re using and why. However, Big Tech is anything but transparent, and it’s at this point where things can get sketchy.

Rage Against The Ad Machine

We’ve all been there. One moment, you’re looking up gaming laptops on Google, and the next, you’re bombarded with advertisements for gaming laptops on your social feed or during a completely unrelated browsing session. Unsettling? Yes. But how does this work?

The sites or apps that supposedly collect user data to “enhance user experience” also sometimes sell this data to advertisers or other third-party trackers.

Let’s look at Google as an example of how the wider ad machine works. When it comes to the quantity of data being handled, few companies can compare. With a seemingly endless stream of data at its disposal, with sources ranging from Chrome, to Maps, and even Bard, it’s no mystery why. Combine endless amounts of data with the single largest advertising platform, and you get the perfect money-making ad machine.

Real-Time Bidding: A Game Of Half-Truths

Google claims, in no uncertain terms, that it does not sell your personal data. So case closed, right? If only it were that simple.

Technically, Google isn’t lying. If you go by the strictest definition of a sale, where a commodity is exchanged for money, then no, Google is not a data broker and it doesn’t sell your data. However, Google monetizes your data in other ways, which does involve sharing your data with third parties. One such method is real-time bidding (RTB).

So How Does RTB Work?

RTB is a form of programmatic advertising where ad spaces are automatically auctioned off to the highest bidder on a per-impression basis.

Without getting into too much detail, when a user begins a session on a particular page, their data (including location and browsing history) is collected and broadcast by supply-side platforms (SSPs) to a group of demand-side platforms (DSPs), which automatically place bids for ad space on that specific session. The winning bidder’s ad is then displayed to the user. User data is shared here to ensure that only relevant advertisements will be shown to the user during that session. This entire process is automated and takes only milliseconds.

Admittedly, RTB is incredibly efficient as an advertising tool. But it’s unfortunately a questionable practice due to the privacy implications, with some experts claiming that RTB practices violate GDPR principles.

The issue with RTB is that it also involves sharing highly specific data, so while RTB platforms aren’t directly sharing personal data, they most certainly are indirectly sharing data that is detailed and specific enough to tie to a particular user. Furthermore, it’s not just the highest bidder that gets to view this data; everyone who participates in the auctions can. These exchanges have no control over how the broadcast data is used once the auction is complete. When you put everything together, you’re looking at an ugly combination of potential security risks. What makes things worse is that advertising platforms running RTB auctions are not transparent about what kind of data is being broadcast.

Coming back to Google, the company can rightly claim that your data isn’t what’s being sold; rather, it’s the ad space within your browser. But, as we’ve already seen, RTB involves the transfer of personal data. Please note that Google isn’t the only offender in this space. RTB is a common online advertising practice followed throughout the internet, and it’s important to be aware of how Big Tech companies use vague language and loopholes to get away with sharing your data while claiming otherwise, directly or not.
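The following is an added example, not part of the original article: a small simulation of the SSP-to-DSP broadcast described above, showing that losing bidders receive the same user data as the winner, and how an SSP could coarsen a request before sending it. The article names no wire format; the field names follow OpenRTB 2.x as an assumption, and the bid request, DSP names, bids, and the `minimise` policy are all constructed for illustration.

```python
import copy
import ipaddress
from urllib.parse import urlsplit

# Constructed bid request; field names follow OpenRTB 2.x, values are made up.
BID_REQUEST = {
    "id": "auction-0001",
    "site": {"page": "https://news.example/health/article?id=77&ref=search"},
    "device": {"ip": "203.0.113.57", "ifa": "00000000-aaaa-bbbb-cccc-000000000001",
               "geo": {"lat": 25.20485, "lon": 55.27078}},
    "user": {"id": "ssp-user-8841", "buyeruid": "dsp-cookie-5512"},
}

# Fields that let a recipient single out one person or device.
IDENTIFYING = [("device", "ifa"), ("device", "ip"), ("device", "geo"),
               ("user", "id"), ("user", "buyeruid"), ("site", "page")]

def identifying_fields(req):
    """Return the dotted paths of the listed fields that are present in req."""
    return [".".join(p) for p in IDENTIFYING if p[1] in req.get(p[0], {})]

def broadcast(req, bidders):
    """SSP side: every DSP receives a full copy, whether or not it wins."""
    received = {name: copy.deepcopy(req) for name in bidders}
    winner = max(bidders, key=bidders.get)  # highest bid wins the impression
    return winner, received

def minimise(req):
    """Hypothetical policy: drop IDs, coarsen IP, location and page URL."""
    out = copy.deepcopy(req)
    out["device"].pop("ifa", None)          # advertising ID removed
    out["user"] = {}                        # no cross-site user identifiers
    net = ipaddress.ip_network(out["device"]["ip"] + "/24", strict=False)
    out["device"]["ip"] = str(net.network_address)   # keep only the /24
    geo = out["device"]["geo"]
    out["device"]["geo"] = {"lat": round(geo["lat"], 1), "lon": round(geo["lon"], 1)}
    url = urlsplit(out["site"]["page"])
    out["site"]["page"] = f"{url.scheme}://{url.netloc}/"  # origin only
    return out

if __name__ == "__main__":
    bids = {"dsp_a": 1.20, "dsp_b": 0.85, "dsp_c": 0.40}  # constructed CPM bids
    winner, received = broadcast(BID_REQUEST, bids)
    print("winner:", winner, "| recipients of user data:", sorted(received))
    print("fields in full request:", identifying_fields(BID_REQUEST))
    print("after minimise:", minimise(BID_REQUEST))
```

Even the minimised request still carries a coarse IP, location, and site, so reducing what is broadcast lowers the risk of re-identification without removing it.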

Big Tech Is Watching You

Let’s reiterate this: We’re perfectly fine with tech companies using our data to provide us with an improved experience while we choose to use their services, provided they’re transparent about what data they’re collecting and how it’s being used. What isn’t okay is Big Tech getting away with misusing our data using vague jargon and legal loopholes. We can be grateful for data protection regulations like Europe’s GDPR, as well as California’s CCPA and CPRA, and other countries that have followed suit. It’s time for even stricter regulation to crack down on Big Tech’s exploitative business models.
