Gunra Ransomware Group Leaks 40TB of Data from American Hospital

The Gunra ransomware group escalated its attack on American Hospital Dubai (AHD), a premier healthcare facility in Dubai, UAE, by releasing new evidence of a major cyberattack.

The group claims to have leaked 40 terabytes of sensitive data, including personal demographics, credit card details, Emirates ID numbers, health records, and internal documents, following an initial breach reported on June 4, 2025.

This follows their earlier claim of exfiltrating 450 million patient records, totaling 4 terabytes of uncompressed data, which they threatened to release publicly by June 8.

Newly leaked internal emails, allegedly from AHD, suggest the hospital instructed staff to deny the hack to patients and the public, despite internal documentation confirming a cyberattack on June 1, 2025, which encrypted virtual machines and storage systems.

The hospital has yet to issue an official statement, raising concerns about transparency and compliance with UAE’s strict cybersecurity laws, which mandate notifying regulators and patients of high-risk breaches.

Gunra, active since April 2025, employs double-extortion tactics, encrypting systems and exfiltrating data to demand ransoms.

The group has targeted multiple sectors, including healthcare, with AHD being a high-profile victim due to its 254-bed facility and advanced medical services.

The leaked data reportedly includes financial records, payroll details, and sensitive patient information, posing risks of identity theft and fraud.

Cybersecurity experts warn that healthcare institutions remain vulnerable due to their sensitive data and digital reliance. AHD’s silence has intensified scrutiny, with authorities investigating the breach’s scope.

The incident underscores the urgent need for robust cybersecurity measures and transparent communication to protect patient trust and safety.

Automate threat response with ANY.RUN’s TI Feeds—Enrich alerts and block malicious IPs across all endpoints -> Request full access