Hackers expose 15,000 Israeli credit card details

Hackers have exposed the details of 15,000 credit cards after breaking into the companies responsible for maintaining the information.

Hackers have exposed the details of 15,000 credit cards after breaking into the companies responsible for maintaining the information.

Israel’s Army Radio reported that a group of computer hackers claiming to be of Saudi Arabian origin had taken credit for exposing the credit card details, according to US reports.

The Bank of Israel was quick to issue a statement that the affected cards have been blocked from further use and card holders will not be held liable for any fraud caused by the leak.

The central bank also said the cards, which were issued by Israel Credit Cards, Isracard and Leumi Card, will be replaced.

While the incident does not demonstrate any significant technology advancement, it is interesting to note that this breach indicates that merchants involved in the incident were anything but PCI [Payment Card Industry] compliant, says Amichai Shulman, chief technology officer of security firm Imperva.

However, the really interesting aspect of the breach, he says, is the opportunities it created for attackers.

“One of the immediate effects of the breach is that people in Israel rushed over to the web to check whether they are in the list. This created a wonderful opportunity for attackers of all kinds to promote their business by posting fake links to the list. These links, promoted through black hat search optimisation, are part of either click-fraud campaigns or malware infection schemes,” he said.

Other quick entrepreneurs posted web applications which allow people to check whether their name is in the file by supplying either their e-mail - some of which are legitimate applications posted by security researchers - or their Israeli ID number, which are clearly not legitimate, said Shulman.

“This is of course just a preface to the true problem coming: phishing campaigns and phone scams that are sure to follow,” he said.

Imperva expects a deluge of e-mails, allegedly from the credit issuer that calls for some information disclosure on the part of the recipient as part of an “account restitution” procedure.

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.






  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...