As first reported by SC Media, American Hospital Dubai, one of the most prominent private healthcare institutions in the United Arab Emirates, has been targeted by the emergent Gunra ransomware gang in what may be one of the region’s most significant cyberattacks to date.
Gunra claims to have stolen an astonishing 450 million records—totaling 4 terabytes of uncompressed data—containing a wide range of sensitive information including patient demographics, Emirates ID numbers, credit card data, billing histories, and clinical records.
Source: ahdubai.com.
According to findings from the Cybernews research team, much of the stolen data appears to consist of financial documents such as payroll files and billing records. The Gunra gang, which launched its operations in April, is rapidly becoming a notable threat. In just a few months, it has struck at least a dozen organizations spanning the healthcare, real estate, manufacturing, and pharmaceutical sectors. Their methods typically involve immediate file encryption post-breach and the use of double-extortion—threatening to leak data unless ransom demands are met.
The alleged breach highlights the vulnerability of healthcare systems, especially those with expansive digital operations in high-profile urban centers like Dubai. If verified, the scale of the stolen data raises serious concerns about identity theft, financial fraud, and medical privacy violations. It also underscores the pressing need for healthcare organizations to strengthen their cybersecurity posture amid a growing wave of targeted ransomware attacks.
