The Gunra ransomware group escalated its assault on American Hospital Dubai (AHD), a premier healthcare facility in Dubai, UAE, by releasing new proof of a significant cyberattack.
The group claims to have leaked 40 terabytes of delicate knowledge, together with private demographics, bank card particulars, Emirates ID numbers, well being data, and inner paperwork, following an preliminary breach reported on June 4, 2025.
This follows their earlier declare of exfiltrating 450 million affected person data, totaling 4 terabytes of uncompressed knowledge, which they threatened to launch publicly by June 8.
🚨#Gunra #ransomware group has leaked 40TB of information from American Hospital #Dubai 🇦🇪 (@AHDubai).Uncovered info consists of full names, dates of delivery, passports, driver’s licenses, IDs, protected well being knowledge, financial institution accounts, usernames, passwords, emails, and confidential… pic.twitter.com/t85jYJsqtr— VenariX (@_venarix_) June 16, 2025
Newly leaked inner emails, allegedly from AHD, recommend the hospital instructed workers to disclaim the hack to sufferers and the general public, regardless of inner documentation confirming a cyberattack on June 1, 2025, which encrypted digital machines and storage methods.
The hospital has but to problem an official assertion, elevating considerations about transparency and compliance with UAE’s strict cybersecurity legal guidelines, which mandate notifying regulators and sufferers of high-risk breaches.
Gunra, energetic since April 2025, employs double-extortion ways, encrypting methods and exfiltrating knowledge to demand ransoms.
The group has focused a number of sectors, together with healthcare, with AHD being a high-profile sufferer as a consequence of its 254-bed facility and superior medical companies.
The leaked knowledge reportedly consists of monetary data, payroll particulars, and delicate affected person info, posing dangers of identification theft and fraud.
Cybersecurity specialists warn that healthcare establishments stay weak as a consequence of their delicate knowledge and digital reliance. AHD’s silence has intensified scrutiny, with authorities investigating the breach’s scope.
The incident underscores the pressing want for strong cybersecurity measures and clear communication to guard affected person belief and security.
Automate risk response with ANY.RUN’s TI Feeds—Enrich alerts and block malicious IPs throughout all endpoints -> Request full entry
