Ransomware Attack on Sheba Medical Center by Handala Exposes Sensitive Data
Incident Date:
July 15, 2024
Overview
Title
Ransomware Attack on Sheba Medical Center by Handala Exposes Sensitive Data
Victim
Sheba Medical Center
Attacker
Handala
Location
First Reported
July 15, 2024
Ransomware Attack on Sheba Medical Center by Handala
Overview of Sheba Medical Center
Sheba Medical Center, also known as Chaim Sheba Medical Center at Tel HaShomer, is the largest hospital in Israel and a leading medical institution in the Middle East. Established in 1948, the center operates on a 200-acre campus near Tel Aviv and features 159 medical departments and clinics. With a workforce of approximately 10,000 healthcare professionals, including 1,700 physicians and 200 Ph.D. research professionals, Sheba handles about 1.9 million clinical visits annually. The center is renowned for its advanced medical services, innovative treatments, and commitment to patient-centered care.
Details of the Attack
The hacker group Handala has claimed responsibility for a significant data breach at Sheba Medical Center. According to Handala, they have compromised 5TB of sensitive data, including medical and personal patient information, cooperation agreements, staff lists, financial documents, administrative documents, and medical research documents. To substantiate their claims, the group has released 50GB of this data. Despite these assertions, Sheba Medical Center has not confirmed the breach, as no official statement has been issued on their website, leaving the claims unverified.
About Handala Hack Group
Handala Hack is a cybercriminal organization known for its pro-Palestinian politics and history of targeting Israeli institutions. The group is typically classified as a Wiper group rather than a ransomware deployer. Handala has a history of sophisticated phishing campaigns and multi-stage loading processes to bypass traditional security measures. In this attack, Handala stated that their primary target was the cardiology department and a related company, Innovative Bio Medical Ltd. The group claims the attack was in retaliation for alleged Israeli attempts to eliminate their commander, Mohammed Deif.
Potential Vulnerabilities
Sheba Medical Center's extensive digital infrastructure and the sensitive nature of the data it handles make it a prime target for cyberattacks. The hospital's involvement in advanced medical research and its significant international patient base further increase its vulnerability. The lack of immediate confirmation from Sheba Medical Center regarding the breach highlights the challenges organizations face in promptly addressing and verifying cyber threats.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.