When Israeli credit cards were first leaked by a Saudi hacker on Monday, some experts said the initial number of cards affected -- some 15,000 -- would not be the final tally. On Thursday, it turned out the pessimists were right.
On Thursday afternoon Saudi hacker OxOmar leaked an additional file with the details of 11,000 new cards. Out of this list, Israel's three credit card companies identified 6,048 active Israeli cards, and immediately blocked them. Most of these belonged to Isracard customers. Because some people have more than one card, the Bank of Israel found that as of Thursday night 17,530 Israeli citizens had been affected by the continuous credit card leak.
Get the Israel Hayom newsletter sent to your mailbox!
Except this time the Saudi hacker did not stop at leaking mere names and credit card numbers. He also exposed the Israeli identification numbers and addresses of many Israelis whose credit card numbers he exposed. In addition, tens of thousands of Israelis' email addresses were made public.
"My goal is to hurt Israel -- politically, economically and culturally," the hacker wrote on Thursday in an email exchange with Israel Hayom. "I can't tell you the names of the sites I've hacked into but I have access to tons of Israeli servers including government servers and military contractors." The talkative Saudi hacker reportedly held email conversations with a range of Israeli media outlets. In an email exchange with Israel Army Radio, OxOmar said he was "waiting for the Mossad" to catch up to him, and that people in Saudi Arabia were praying for his success.
The hacker conveyed the same message in an earlier announcement he posted on the Internet.
"If needed, maybe in next time I start sharing all data I have downloaded from Israeli military contractor companies and let the world have their all documents," he wrote [sic]. "I'm thinking to start doing it from an Israeli company which creates jammers and eavesdropping devices."
The hacker expressed anger over the fact that the "fake Jewish and Zionist lobby media" had minimized his accomplishment, saying only 14,000 cards had been exposed. "This made me a little unhappy," he wrote. "So I've started thinking of sending all Israeli credit cards I own which reaches 1M data. I'll do it soon!"
Israel Hayom asked him when he plans to post the new information. "Soon, in a couple of weeks," he wrote. "Up till this point, I've posted tons of credit card numbers. It's not 14,000. It's more than 100,000. Israel must admit this it or I will continue to leak more and more."
The hacker told Israel Hayom he works alone, out of Saudi Arabia. He apparently told other media outlets that he is 19 years old.
Earlier, in his Internet post, the hacker wrote, "Zionist lobby media, pay attention to what I sent to internet," followed by "Saudi Arabia for ever! Saudi Arabia rules, long life King Abdullah!"
The real danger: identity theft
The Bank of Israel and credit card companies are taking the threats very seriously. The BOI and the companies have said they are taking all necessary steps to prevent damage to cardholders, despite the fact that almost all the cards in question have already been blocked.
Aside from violations to people's privacy, the leak creates a real danger of identity theft as well as potential forging of Israeli credit cards, identification cards, drivers' licenses and passports. All three of Israel's credit card companies have blocked telephone and Internet transactions on all of the exposed cards. Now some fear the Saudi hacker may reveal what those Israelis spent their money on.
The Bank of Israel is looking into the Saudi hacker's claims and is working with credit card companies to investigate the serious security lapse that led to the leak. Initial investigations reveal a profile for those Israelis affected by the most recent Saudi leak. Almost all of them went abroad in the past year and spent time in luxury hotels, mainly in Europe (Germany, Italy, Serbia, Hungary, France, Holland and Great Britain). Almost all of them gave their credit card numbers, names and ID or passport numbers to the hotels for security purposes. Some of the Israelis affected made purchases abroad over the phone or Internet.
Nevertheless, the focal point of suspicion is that the hacker obtained the personal details by hacking Israeli retail and coupon websites.
The affair broke on Monday when surfers on the sports website one.co.il were referred to another site where 400,000 names appeared, along with the details of tens of thousands of credit cards. The investigation, which the Justice Ministry is also involved in, has not negated the possibility that Israelis were involved in planting the information on one.co.il.
It is possible that YAHBAL (Israel Police unit for international crime) could get involved in the investigation, since the criminal activity took place abroad.
All three of Israel's credit card companies said that anyone adversely affected by the leak will be compensated. The CEO of Isracard announced that of the 11,000 new credit card numbers exposed by the Saudi hacker Thursday, about 5,200 belong to its customers. Visa CAL said about 800 of their customers had been affected, while Leumicard said it had only identified 48 of the numbers as theirs.
Visa CAL CEO Israel David on Thursday called on the government to intervene and increase regulation and oversight of Israeli websites. "Without regulation that sets strict standards and oversees websites, the personal information of millions of citizens is at risk," he said.
David said there is no enforcement of website security measures in Israel and that credit card companies are at the mercy of each and every site and the level of protection it chooses to implement.
Meanwhile, Israeli experts are trying to understand who the Saudi hacker is and how it might be possible to apprehend him. "If he knows how to hide himself well, then the chances of finding him are miniscule," said Shai Blitzblau, managing director of Maglan Information Defense Technologies Ltd. "He visits the hacker site from changing locations and conceals his identity well," said Blitzblau, "On the other hand, his boastfulness is uncharacteristic of hackers."
According to Blitzbau, there are signs that more than one hacker is involved. "When you look at the source of his Twitter registration you see that he borrowed his identity from someone else." Still, he said, finding the hacker is not a lost cause. "It would require international cooperation from police and security forces, but there are even ways to apprehend someone in Saudi Arabia if that's where he really is."
Among the victims: famous people
Among those whose credit card details were leaked Thursday was novelist Orly Castel-Bloom. Israel Hayom read the information from the file to the acclaimed author by phone and she confirmed that this had indeed been her credit card number until two weeks ago. Her home address, cell phone number and home phone number were also leaked.
"Yes, that was my credit card number," she said. "I'm surprised. Still, the card hasn't been active for two weeks. I've actually done a lot of Internet shopping recently. I moved house and bought a refrigerator and dishwasher online. I don't think I'll buy things on the Internet anymore."
In addition, the man who led last spring's cottage cheese protest, Itzik Elrov, also had his personal information leaked. "Yes, I do tend to shop on the Internet," he told Israel Hayom on Thursday. "This is the kind of thing you think will never happen to you. I hope they find a way to enforce the law and clean up this mess. But to tell you the truth, I am more concerned with the price gouging that food companies engage in knowingly than with an anonymous Saudi hacker."
Earlier this week, on Monday, Labor party Chairwoman Shelly Yachimovich also had her personal information compromised by the Saudi hacker.
Like our newsletter? 'Like' our facebook page!