Dubai-based Gems Education hit by cyber attack

Company has not confirmed whether any data breach occurred

DUBAI, UAE. February 17, 2015 - Stock photograph of students boarding their school buses after school at Gems Modern Academy in Dubai, February 17, 2015. (Photos by: Sarah Dea/The National, Story by: Roberta Pennington, News) *** Local Caption *** SDEA170215-gemsmodernacademy21.JPG

Stock photograph of Gems pupils boarding school buses in Dubai. Sarah Dea / The National

Alkesh Sharma author image
Alkesh Sharma
Feb 24, 2022
Powered by automated translation

Gems Education, the largest education operator in the UAE, faced a cyber attack that had a minimal impact on the group’s operations, the company said on Thursday.

The company said an investigation was under way. It has not yet confirmed whether any personal or financial data has been breached.

“We became aware of a recent cyber security incident, at which time we immediately enacted our cyber security response plan. Thanks to our robust business continuity plans, impact to our operations has been minimal,” Dino Varkey, group chief executive of Gems Education, said in an email sent to parents.

“It may be some time before we can determine the full extent of the incident,” Mr Varkey said.

Read More
How cyber attackers used Bond film ‘No Time to Die’ to exploit fans
Top cyber security predictions for 2022 and beyond

Started in 1959, Gems Education has more than 40 schools in the UAE, as well as schools in Saudi Arabia, Qatar, Europe, Africa, India, South-East Asia and North America.

Gems said it does not store the bank account details or credit card information of the families or guardians of its pupils. But it said some personal data could have been compromised.

That includes identification documents, financial information, such as payment history, and data related to creditworthiness, health or medical records, and log-in details, such as usernames and passwords.

The group has engaged third-party expertise and legal counsel to assist in its investigation.

“We have also notified the relevant authorities, including our education and data protection regulators and law enforcement. We are closely working with them and they continue to support us,” Mr Varkey said.

Students refilling their bottles from the water fountain at the Gems Legacy School in Dubai. All photos: Pawan Singh / The National

Students refilling their bottles from the water fountain at the Gems Legacy School in Dubai. All photos: Pawan Singh / The National

Cyber attacks have risen sharply in recent months, with a recent World Economic Forum report calling 2021 an “unprecedented year for cyber crime in terms of volume and severity”.

The cost of breaches amounted to an average of $3.6 million per incident for businesses alone, as companies rapidly digitised to ensure business continuity during the pandemic.

Overall, cyber criminal activities were projected to inflict damage worth about $6 trillion globally in 2021, a study by research company Cybersecurity Ventures found.

Message to parents

Gems has suggested a few guidelines and precautionary steps for parents to follow:

  • Be suspicious if anyone contacts you by email, phone call or text message asking you to confirm your personal data or financial details;
  • Change all your and your child’s passwords, including those for Gems accounts. Always use strong passwords and enable two-step authentication on all your online services;
  • Check bank accounts regularly and contact the bank if you see any transactions that you do not recognise.

What is cyber crime and how can I protect myself online?

cyber security
Updated: February 25, 2022, 5:49 AM
UAEEducationTechnology
Editor's picks
More from the national