Behind every data breach is a story of trust broken, personal information compromised, and organizations left scrambling to regain control. In the UAE, several high-profile breaches have highlighted the vulnerabilities that can exist even in well-established systems. These incidents are stark reminders of the critical importance of information security services, which play a vital role in protecting sensitive data and maintaining consumer confidence in an increasingly digital world.
This blog takes a closer look at the top 12 data breaches in UAE history, illustrating not only the technical failures but also the human cost associated with these incidents. By sharing these stories, we hope to inspire a culture of accountability and vigilance in cybersecurity practices, ensuring that lessons learned translate into stronger defenses against future attacks.
| # | Breach | Date | Details |
| 1 | Dubai Cheers Exhibition | July 2024 | Phishing attack resulted in a client transferring $53,000 to attackers, highlighting email security risks. |
| 2 | Emirates Airline | 2024 | Allegations of customer data sharing with third parties raised concerns over data privacy practices. |
| 3 | Careem | March 2019 | Data breach exposed 14 million user records, including email addresses and trip histories. |
| 4 | UAE Invest Bank | June 2024 | Ransomware attack led to a $3 million ransom demand; customer data was leaked when payment was refused. |
| 5 | Moorfields Eye Hospital | April 2024 | Ransomware attack encrypted 60GB of patient and insurance data, affecting hospital operations. |
| 6 | Voice Cloning Heist | 2023 | Scammers used voice-cloning technology to steal $35 million from a Hong Kong bank. |
| 7 | UAE School Revenge Attack | August 2023 | Insider threat from a former IT director deleted critical files, emphasizing the risk of insider access. |
| 8 | Dubai Airports | 2013 | Data breach exposed personal information of employees, highlighting security challenges in critical sectors. |
| 9 | Government Cyberattack | Various | Cyberattacks on UAE government agencies exposed confidential employee information, raising national security concerns. |
| 10 | Dharma Ransomware | 2019 | Widespread ransomware attacks disrupted operations for numerous UAE companies, illustrating business vulnerabilities. |
| 11 | UAE’s Lulu Hypermarket | July 2024 | Data breach exposed over 200,000 customer records, with threats of future leaks of millions more. |
| 12 | Cyber Threats in the Telecom Sector | 2024 | Alleged breaches at DU Emirates and ETISALAT compromised customer data, raising alarms about telecom security. |
In a cunning phishing scheme, cybercriminals compromised Dubai’s Cheers Exhibition by infiltrating their email server and sending fraudulent messages to their clients. One international client, tricked by the authenticity of the email, transferred $53,000 to the attackers, believing it was a legitimate transaction. This incident brought to light the financial vulnerabilities businesses face due to sophisticated email phishing, underscoring the need for robust email security and user awareness training to help mitigate the risk of similar attacks in the future.
Emirates Airline was implicated in a potential data leak scandal when allegations surfaced that it had inadvertently shared customer information, including emails, phone numbers, and itineraries, with third-party companies. Though no financial data or sensitive information was compromised, the incident highlighted possible lapses in data handling practices and raised concerns about the airline’s data privacy policies. This situation serves as a reminder of the importance of implementing stringent data management controls to protect customer privacy and maintain trust.
In a large-scale data breach, ride-hailing giant Careem saw 14 million user records accessed by attackers, exposing email addresses, phone numbers, and trip histories. Although financial data was not impacted due to encryption, the breach illustrated the immense value attackers place on personal data and the vulnerabilities of large platforms to sophisticated cyber threats. Following this incident, Careem intensified its security measures, emphasizing the need for continued investment in data encryption and system security across tech-based services.
UAE Invest Bank found itself in a high-stakes ransomware attack when a hacker, operating under the alias “Hacker Buba [1],” accessed sensitive customer data and demanded a ransom of $3 million in bitcoin. When the bank reportedly refused to pay, the hacker began leaking portions of the data online, creating widespread concern about customer privacy and financial data security. This breach underscored the growing risk of ransomware attacks in the financial sector and highlighted the difficult decisions organizations face when ransom demands threaten both data privacy and reputation.
Dubai’s Moorfields Eye Hospital became a target of the AvosLocker ransomware group, who encrypted 60GB of crucial patient and insurance data. This breach threatened patient confidentiality and revealed just how vulnerable healthcare providers are to cyberattacks. The attack impacted the hospital’s operations and patient services, leading to calls for improved cybersecurity measures in healthcare, especially given the sensitive nature of medical data and the critical need to ensure its security.
Using advanced voice-cloning technology, scammers orchestrated a major heist by impersonating a high-level company director, convincing a Hong Kong bank to transfer $35 million to fraudulent accounts. This elaborate scam exposed the dangers posed by deepfake technology, which can convincingly mimic voices and lead to devastating financial losses. The incident emphasized the need for more stringent identity verification measures, even in urgent or high-stakes financial transactions, to counter the risks of evolving digital threats.
A disgruntled former IT director at a UAE school gained unauthorized access to its internal systems, deleting critical files in retaliation for his termination. This attack, motivated by revenge, highlighted the substantial threat that former employees with lingering access pose to an organization’s data and operations. The incident underscores the importance of promptly revoking system access for former staff members and implementing strict access controls to protect sensitive information from insider threats.
In 2013, hackers targeted Dubai Airports, breaching its systems and exposing the personal data of employees. Although the data was reportedly not maliciously used, the breach shed light on the security challenges faced by key infrastructure sectors and the growing need for comprehensive cybersecurity defenses. This incident underscored the importance of protecting not only customer data but also employee information, especially within critical sectors like transportation that are essential to national operations.
UAE governmental agencies have increasingly become targets for cyberattacks, with hackers in one incident accessing confidential employee information, sparking concerns over national security and data privacy. These breaches illustrate the vulnerabilities within government systems and the pressing need for fortified cybersecurity measures. As government agencies house critical information, these incidents underscore the risks posed to public and national safety when sensitive data is compromised.
The widespread impact of the Dharma ransomware in 2019[2] affected numerous UAE-based businesses, locking systems and causing major operational disruptions. Companies that refused to pay the ransom saw prolonged downtimes and faced costly recovery processes, highlighting the destructive potential of ransomware on business continuity. This event stressed the importance of ransomware defense strategies, including regular data backups and robust recovery plans, as essential components of a resilient cybersecurity framework.
Lulu Hypermarket, a leading retail chain based in Abu Dhabi, recently suffered a significant data breach allegedly orchestrated by IntelBroker hackers. In an initial release, over 200,000 customer records, including emails and phone numbers, were exposed on Breach Forums. The hackers have indicated that millions more records, containing user and order details, may be leaked in the future. This breach underscores the vulnerabilities retail giants face and highlights the critical need for robust data security measures to protect vast amounts of customer information, which could otherwise be exploited for fraudulent activities.
The telecommunications sector has seen a worrying rise in cyber threats, with DU Emirates being one of the latest victims in an alleged data breach affecting over 371,000 customers. The breach reportedly exposed customer device details, IP addresses, and internal network logs, potentially placing both privacy and national security at risk. Earlier this year, ETISALAT, another major UAE telecom, was targeted by LockBit ransomware[3], with attackers demanding $100,000 to return stolen data. These incidents emphasize the susceptibility of telecom providers to sophisticated attacks and the need for strengthened cybersecurity frameworks to protect customer data, operational integrity, and critical infrastructure.
The landscape of data breaches has evolved significantly over the years, revealing patterns that highlight both the challenges and vulnerabilities organizations face in protecting sensitive information. In the UAE, several key trends have emerged in recent years, driven by technological advancements, increasing cyber threats, and shifting regulatory requirements.
The history of data breaches in the UAE highlights a critical need for enhanced cybersecurity across various sectors. Each incident underscores vulnerabilities that organizations must address to protect sensitive information and maintain customer trust. By prioritizing robust security measures and fostering a culture of awareness, businesses can better defend against evolving cyber threats. As technology progresses, so must our commitment to safeguarding data, ensuring a secure digital landscape in the UAE.
Data breaches can strike any organization, and the fallout can be severe. Are you prepared to protect your sensitive information? Investing in expert information security services is essential for safeguarding your business and maintaining your reputation. Don’t wait for disaster to strike—take the initiative to enhance your security measures today. Contact us to find out how we can help you create a secure environment for your organization and clients.
The biggest data breach in history is the Yahoo data breach, which occurred in 2013 and affected all 3 billion user accounts. This breach involved the theft of personal information, including names, email addresses, and security questions.
The UAE faces significant cyber risks due to its rapid digital transformation and high reliance on technology. Key threats include ransomware attacks, phishing schemes, and data breaches, particularly in sectors like finance, telecommunications, and government.
The United States has the highest number of reported data breaches, with thousands of incidents annually across various industries, reflecting its large population and extensive use of digital services.
The first recognized data breach occurred in 1984 when hackers accessed a computer at the University of California, Los Angeles (UCLA), gaining unauthorized access to sensitive student information.
The three main types of data breaches are:
The biggest government data breach occurred in 2015 when the U.S. Office of Personnel Management (OPM) was hacked, compromising the personal information of approximately 22 million federal employees and contractors.
