The Bank of Israel assuaged growing cardholder concerns on Tuesday, announcing that the information was repeated and only 14,000 cards were hacked. The credit card companies—Isracard, Leumi Crad, and Visa CAL—have made efforts to notify the cardholders and to freeze any telephone and internet capacities. They have assured their clients that any and all purchases made subsequent to the incident will be abrogated, and have alerted their customers to monitor their cards.
According to Maglan Internet Defense Technologies, the scheme was likely perpetrated by two or three hackers from Kuwait, Saudi Arabia, or Croatia. Shai Blitzblau, the managing director of the internet firm, asserted that the hackers have likely targeted numerous countries throughout the world, including Arab states, allaying suspicions that the hackers were specifically targeting Israeli cardholders. Sources have indicated that the personal information of tens of thousands of non-Israeli citizens was also released.
Other websites that were penetrated besides for One.co.il include sale365.co.il and bizmakebiz.co.il. The hackers redirected visitors to pasteby.com, and were urged by a hacker self-identified as xOmar 0 to download a file that contain 30 megabytes worth of Israelis and their private information.
While the exact ethnicity of the hackers remains subject to dispute, comments left by them suggest that their efforts were largely directed at hurting Israel. “We decided to give the world a gift for New Year’s—the personal information of 400 thousand Israelis,” wrote one hacker. “Group-XP is a known Saudi hacking group that seeks to propagate Wahhabism,” suggested Gadi Aviran of Terrogence Ltd., an Israeli web intelligence company, referring to the Saudi Arabian strain of Islam. “The fact that the hackers offered the credit card details for free and admitted to using the cards in order to expand their activity and cause more damage to Israelis in the future shows that they were not motivated by criminal intent or greed,” he said. “This event is less cyber warfare than cyber terrorism.”