The Egypt health ministry is facing a data breach, as a hacker claims to have two million records up for sale.
The alleged Egypt health ministry data breach was reported on a hacker forum, and the threat actor post divulged the extent of the attack, stating that they had accessed the data from January 2019 to January 2023.
According to the threat actor, the alleged Egypt health ministry data breach involved critical patient information, including names, phone numbers, addresses, medical procedures, diagnoses, and more.
The alleged post about the Egypt health ministry data breach surfaced on Sunday, July 23, 2023, and prompted immediate action.
Cybersecurity experts and concerned individuals were quick to address the gravity of the Ministry of Health data breach.
The Cyber Express reached out to the government officials concerned to learn more about the alleged Egypt health ministry data breach.
However, the Egyptian Ministry of Health has not issued an official response or statement at this time.
Egypt health ministry data breach: Falling into a ditch
The Ministry of Health data breach comes after escalating cyber attacks in Egypt. Kaspersky has been closely monitoring the situation.
During the first quarter of 2023, Kaspersky’s global research and analysis team recorded a staggering 13 million electronic attacks in Egypt alone.
The banking sector was particularly targeted, with a significant 186% increase in attacks on bank accounts and customer data compared to the same period in the previous year.
Phishing attacks have been rampant, a common tactic cybercriminals use to deceive users into revealing personal and banking information.
Around 75,000 users in Egypt fell victim to such attacks during the year’s first quarter. Shockingly, between 17% to 70% of users who received fraudulent emails and messages clicked on the malicious links, unknowingly exposing themselves to cyber threats.
These attacks were not limited to individuals alone; even government institutions faced espionage and customer data theft attempts by international hacker teams, “AllRig” and “BlogX.” Though the specifics of the targeted institutions have not been disclosed for security reasons, the situation remains highly sensitive.
Egypt comes under fire for exposing children’s data online
The alleged Egypt health ministry data breach, if confirmed, will be the latest instances of cyber violation in the country.
The Egyptian government and British company Academic Assessment Ltd recently came under fire for exposing the personal information of tens of thousands of children online, leading to severe breaches of privacy and potential harm.
Human Rights Watch expressed concerns that this data exposure likely violated data protection laws in both Egypt and the United Kingdom.
The leaked sensitive information comprised details of over 72,000 children, including names, dates of birth, gender, addresses, emails, phone numbers, schools attended, grade levels, personal photos, and even copies of passports or national IDs.
This data remained unprotected on the internet for at least eight months, leaving the children vulnerable to exploitation.
Of particular worry is the exposure of 110 children with disabilities, further increasing their risk. The leaked data came from students who took the Egyptian Scholastic Test (EST), required for those studying under the American Diploma curriculum in Egypt.
The unprotected records also revealed the names and locations of universities the students applied to, their test scores, and payment status. Exam proctors’ detailed notes were also leaked, alleging instances of unethical behavior and cheating.
Such a breach not only jeopardizes the immediate safety of these children but also exposes them to long-term consequences, such as identity theft, blackmail, and sexual exploitation.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.