25,000 UAE Police Officers’ PII for Sale on Data Sharing Forum

Several forum members have shown interest to procure the data that is being sold for $500. The data could be used to blackmail law enforcement officials.

Share this Intel:

CloudSEK has discovered a data leak that contains sensitive information of 25,000 United Arab Emirates (UAE) police officers. The police in the UAE come under the Ministry of Interior. However, each of the 7 emirates has a police force that is responsible for law and order within their borders. And the ministry integrates these police forces and security systems.

Discovery of the leak

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a surface web database marketplace, advertising the information of 25,000 UAE police officers. 

The post was published on 07 July 2020 at 11:51 AM. The poster is selling ‘UAE Full(25K) police info’ for $500 and has shared 9 samples to support their claims. In response to this post several forum members have shown interest in buying the data. 

UAE police data for sale

We downloaded the samples from the forum to validate its contents.  

The contents of the leak

The sample images contain 9 police officers’: 

  • First name
  • Last name
    • Mobile number
    • Email address
  • Work phone number
  • Address (in some cases)

 

Data verification and validation 

Using public sources we were able to verify various fields in the sample data. The sample contains the details of officials in the Dubai and Abu Dhabi Police forces. 

UAE conv

In response to a buyer’s query, the seller has shared the image of an Abu Dhabi Police (adpolice.gov.ae) database that contains 31,878 files and 6 folders. 

UAE files

 

Impact

Since this data belongs to law enforcement officials, the impact is much greater:

  1. These details could be used to harass and blackmail officials.
  2. Threat actors can use the PII in the data dump to orchestrate phishing campaigns, online and offline scams, and even identity theft.
  3. Since the source of the leak is not known, there is a possibility that threat actors can continue to exploit it. 
  4. Usually our mobile numbers and email IDs are linked to banking, mobile wallet, and other online accounts. Having these details makes it easier for threat actors to compromise the officials’ accounts. 

Next Steps

Recommendations for the affected officials
  1. Enable multi-factor authentication for all online accounts. 
  2. Don’t share OTPs with third-parties. While this is a rule of thumb, it is especially relevant in this case, because threat actors already have email IDs and phone numbers. So, the OTP is the only thing standing between threat actors and the officials’ accounts. 
  3. Review all online accounts and financial statements for suspicious activity.
  4. Caution friends and family against threat actors impersonating them.
Recommendations for the police forces
  1. Inform the affected officials.
  2. Identify the source of the leak and fix the vulnerability at the earliest.
  3. Perform an audit to ascertain the full extent of the leak and check if threat actors have launched any other attacks.

Be informed about these Threats in your Inbox

Sign up now to our Threat intelligence Newsletter and be the first to know about these threats first in your inbox.