300K Ras Al Khaimah Port Vistors’ Data for Sale on Database Sharing Platform

###### Category Adversary Intelligence
###### Affected Industries Transport
###### Affected Region Middle East, UAE, Ras Al Khaimah
###### Data Fields Passport Details, Visa Details

Discovery of the leak

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a database marketplace, advertising the information of 300,000 records belonging to visitors of the Ras Al Khaimah (RAK) Port. RAK port is a key part of Ras Al Khaimah’s economy and acts as a maritime gateway for import and export activities.

The post, which was published on 11 April 2021, claims that a database of 300K visitors of the RAK port is available for sale. This has also been advertised on the threat actor’s Telegram channel.

Contents of the Leak

The leaked database contains the following information:

  • 83,000 Emirates Visa
  • 21,000 CID
  • 70,000 Company Letter Docs
  • 500 Company Licenses
  • 28,000 RAK Port Licenses

Data Verification and Validation

The threat actor has shared some sample data, which is yet to be validated.


  1. Threat actors can use the PII in the data dump to orchestrate phishing campaigns, online and offline scams, and even identity theft.
  2. Usually our mobile numbers and email IDs are linked to banking, mobile wallet, and other online accounts. Having these details makes it easier for threat actors to compromise victims’ accounts.

General Recommendations

  1. Use strong passwords.
  2. Enable multi-factor authentication for all your online accounts.
  3. Don’t share OTPs with third-parties.
  4. Review online accounts and financial statements periodically.
  5. Regularly update your apps and any other software you use.