Over 500 gigabytes of data, including hundreds of thousands of IDF medical records were allegedly stolen by Iran-linked hackers during a cyberattack on Ziv Medical Center in Safed, Israel, the hackers claimed on Telegram.
This is the third time Ziv has has fallen victim to a cyberattack in four months. The Health Ministry and the Israel National Cyber Directorate, in a joint statement, confirmed the detection of a suspected cyberattack in the hospital's computer systems. They reassured the public that the incident had been promptly identified and contained, with no disruption or impact on the medical center's operations. However, a hacker group allegedly linked to Iran later came forward, claiming to have successfully stolen hundreds of thousands of patient records.
On their Telegram page, the attackers said, "We possess over 500 gigabytes of information, including 700,000 medical documents, among which 100,000 pertain to the IDF." They substantiated their claim by sharing screenshots of medical documents dating back to 2022.
After that, the hackers ominously hinted at "another surprise" yet to come.
How will Israeli hospitals handle foreign cyberattacks?
Responding to these claims, Ziv Medical Center and the Justice Ministry's Privacy Protection Authority issued a joint statement, acknowledging that there were indications of leaked information from the hospital's systems, which prompted a gag order to remove the content.
Additionally, a criminal prohibition has been imposed on the use, transfer, or distribution of any leaked personal information. The Privacy Protection Authority strongly stressed its intent to seek charges against people involved in such activities.
As a precautionary measure, Ziv implemented various new safeguards, temporarily restricting the sending and receiving of external emails. Certain computer services were also temporarily disconnected. The public is urged to exercise caution when receiving messages purporting to be from the hospital and to avoid opening any suspicious messages or clicking on any attached links.