A threat actor has allegedly breached the systems of the Dubai Municipality, the government agency responsible for a wide range of city services in the Emirate of Dubai. The Dubai Municipality is a critical organization, overseeing urban planning, construction, environmental protection, and the upkeep of public facilities for the city’s diverse population. With a workforce of over 15,000, the municipality is a major force in the development of Dubai.
The threat actor claims to have gained access to the municipality’s systems in July 2025. While the full extent of the breach is not yet known, the actor has listed several types of sensitive data that were allegedly exfiltrated. The compromised information is said to include internal documents and user data. The actor has made the data available for sale on a popular hacking forum.
The allegedly leaked data includes:
- All Jira tickets from the municipality’s Jira instance
- Confluence documents and reports dating back to 2025
- A text file of all users with access and their corresponding emails
- Miscellaneous screenshots
