Dubai: The GEMS group of schools in the UAE has alerted parents of students enrolled with the group’s schools about a cyberattack on the group’s website.
A statement issued by the GEMS education spokesperson said: “We can confirm that GEMS Education has unfortunately been the target of a cyberattack in recent days. We have enacted our well-rehearsed cybersecurity response plan and our IT team is ensuring that all our systems are safe and secure. We have engaged the necessary third-party expertise to assist us in our investigation and in the meantime all our schools remain open and running as normal.”
Parents have been advised to change all their passwords and those of the students as well and not to respond to any suspicious phone calls or text messages, asking for any personal or bank or family details.
Informing the GEMS families about the extent of the threat, the circular further said: “As our investigation is still ongoing, we have not yet confirmed whether any of you or your family’s personal and financial data has been unlawfully accessed as part of this cyberattack. It may be some time before we can determine the full extent of the incident. While we can confirm that we do not store bank account details or credit card information of families or guardians of our pupils, it is still possible that the following types of your personal data have been affected:
Identification documentation (such as passport copies and Emirates IDs or other national IDs).
Financial information (such as payment history between you and GEMS, information related to creditworthiness, any debts owed to GEMS or that GEMS owes you). We do not store bank account details or credit card information.
- New cybercrime law: Clicking someone’s picture in a public place now punishable offence in UAE
- COVID-19: 25,000 cybercrime complaints registered by Dubai Police on E-Crime platform
- Harsher penalties for creating fake social media accounts, emails, websites in UAE
- Fake news in UAE: Up to Dh200,000 in fines, jail time, in new UAE Cybercrime Law
Health or medical information (such as pupil allergy information or absence related to illness).
Log-in information (such as user names and passwords) for your and/or your child’s access to GEMS systems.”
The GEMS cybersecurity team has launched a full investigation into the breach.