Iran-linked hackers claim to leak troves of documents from Israeli hospital

Jason Macuray
A hacker group allegedly linked to Iran claimed to have leaked thousands of medical records from an Israeli hospital, including those of Israeli soldiers.

In a cyberattack on Ziv Medical Center in the city of Safed, near the border with Syria and Lebanon, the hackers claimed to have accessed 500GB of data dating back to 2022. This includes 700,000 documents allegedly containing patients’ personal and medical information, such as types of diseases and prescribed drugs.

The group responsible for the attack, which goes by Malek Team, began releasing documents — including those they say contain data from the Israel Defense Forces (IDF) — on their Telegram channel over the weekend.

The hackers didn’t specify when they attacked the hospital, but the Israeli National Cyber Directorate issued a warning about an incident impacting the computer systems of Ziv Medical Center last week.

According to the statement, “the incident has been identified and contained without disrupting or affecting various systems and the operation of the medical center.” As a precautionary measure, the hospital temporarily disconnected its email server and some of the computer systems.

The security team has started an investigation to determine whether an information leak occurred but has not yet published any results. The agency did not immediately respond to a request for comment.

According to the Israeli newspaper The Jerusalem Post, this is the third time Ziv Medical Center has fallen victim to a cyberattack in four months. According to local media reports, the hospital and the Israeli privacy protection authority acknowledged indications of leaked information from Ziv’s systems.

Israeli authorities have prohibited the use, transfer, or distribution of any leaked information and said that they are seeking charges against individuals involved in the incident.

Malek Team also claimed responsibility for cyberattacks on other targets in Israel, including Ono Academic College (which was also targeted earlier in October), along with Israeli tech and media companies.

The hackers released abundant evidence of data that was purportedly leaked, including videos of university classes and admission interviews with students, as well as scans of passports and documents belonging to their victims. The authenticity of this data has not been independently confirmed.

Cyberattacks have intensified amid the war between Israel and Palestinian militant group Hamas. Hackers suspected to be tied to Iran have targeted Israeli organizations before. In October, researchers detected a cyberattack on at least two Israeli entities by a long-running group connected to the Iranian government called MuddyWater. In November, Iran-linked hackers attacked Israeli education and tech organizations.

According to a senior National Security Agency official, Tehran has been Hamas’ longtime benefactor and U.S. national security leaders have sounded the alarm that Iran could bring its own formidable digital might to the conflict.


Daryna Antoniuk
is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 
