Alleged Cyber Attack on Sheba Medical Center: Israel’s Largest Hospital

Pietro Melillo : 16 July 2024 15:30

The Sheba Medical Center, the largest hospital in Israel and ranked ninth in the world, has recently fallen victim to an alleged data breach. A pro-Palestinian hacker group known as Handala has claimed responsibility for the attack, stating that they have compromised a vast amount of sensitive information.

However, at this moment, we cannot accurately confirm the validity of the breach, as the organization has not yet released any official press statement on its website regarding the incident. Therefore, this article should be considered as an ‘intelligence source.’

Details of the Breach

According to the post published by Handala on a hacking forum, the attackers claim to have gained access to 5TB of data from the Sheba Medical Center. This includes medical and personal information of patients, cooperation agreements, staff lists, financial documents, administrative documents, and medical research documents. As proof of their penetration capability, they have released 50GB of this data.

The post, which also includes an image of the hospital, sends a clear warning message. The hackers state that their primary target was the cardiology department of the hospital and a related company, Innovative Bio Medical Ltd. According to the group, the attack is retaliation against alleged Israeli attempts to eliminate their commander, Mohammed Deif.

Handala: The Hacker Group

Handala is a pro-Palestinian hacker group known for its targeted attacks against Israeli entities and their allies. In hacking forums, Handala has a high reputation and has published several other attacks against Israeli targets, such as gas stations, distilleries, and educational systems.

In their latest post, Handala also declared that they are “alive” and warned not to test their patience further. The threat to release all compromised data, if not satisfied, poses a significant risk to national security and the privacy of the people involved.

A few weeks ago, we analyzed another alleged attack against Zerto: https://www.redhotcyber.com/en/post/presumed-cyber-attack-on-zerto-not-for-financial-or-espionage-purposes-but-for-political-reasons/

Implications and Security Measures

The alleged breach at Sheba Medical Center raises serious concerns regarding cybersecurity in the healthcare sector. Hospitals and other healthcare facilities manage enormous amounts of sensitive data, making them attractive targets for hackers. The disclosure of medical and personal information can have severe consequences for patients, including the possibility of fraud and privacy violations.

To prevent future attacks, it is essential for healthcare institutions to adopt stricter security measures. This includes implementing advanced security protocols, training staff on cybersecurity awareness, and collaborating with security experts to identify and mitigate vulnerabilities.

Conclusions

The attack on Sheba Medical Center by Handala is a clear signal of the importance of robust cybersecurity in the healthcare sector. With the increase in cyber threats, it is crucial for healthcare institutions to strengthen their defenses to protect sensitive data and ensure the privacy and security of their patients. However, in the absence of an official confirmation from Sheba Medical Center, this article should be considered as an intelligence source rather than a confirmed account of the incident. Future developments regarding this breach will be closely monitored, as further details on the consequences of the attack and the responses of the relevant authorities may emerge.

As is our custom, we always leave room for a statement from the company should they wish to provide updates on the matter. We would be pleased to publish such information in a specific article, highlighting the issue.

RHC will monitor the evolution of the incident in order to publish further news on the blog, should substantial updates occur. If there are individuals with knowledge of the facts who wish to provide information anonymously, they can use the encrypted whistleblower email.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"