A threat actor going by the name verifiedBpp has purportedly put up for sale a significant amount of data allegedly sourced from the Saudi Ministry of Health. The dataset, spanning from 2020 to 2024, comprises 100 GB of information, including sensitive personal details such as full names, addresses, telephone numbers, blood types, patient records, staff internal messages, and emails. The sale package also encompasses access to administrative, staff, and patient pages, allowing the manipulation of user permissions and access to internal systems like the Covid-19 system, My Health system, and Seha platform. This extensive data collection reportedly includes information on infections, tests, recoveries, deaths, and various other demographic details such as names, ID numbers, ages, nationalities, genders, places of diagnosis, residences, and mobile phone numbers.
Source: Original Post