Major Israeli insurance company hit in suspected cyber strike

Previously unknown hacker group Black Shadow claims responsibility for alleged attack on Shirbit, which resulted in personal details of customer leaking online, including those senior judge; National Cyber Directorate probing incident
Ynet|
The Israeli insurance company Shirbit and the National Cyber Directorate are investigating a potential cyber attack on the company's website and servers that saw customers' personal details leaked online.
  • Follow Ynetnews on Facebook and Twitter

  • A short while after the company's website crashed due to the alleged attack on Monday, an unknown hacker group calling itself Black Shadow took responsibility on Twitter.
    4 View gallery
    Illustrative
    Illustrative
    Illustrative
    (Photo: Shutterstock)
    “A huge cyberattack has taken been [sic] place by Black Shadow team. There has been a massive attack on the network infrastructure of Shirbit Company , which is in israel [sic] economic sphere” tweeted the group, while tagging several major media outlets around the world including the BBC, Reuters and CNN. The Black Shadow account was later suspended by Twitter.
    4 View gallery
    A tweet from the BlackShadow account, which was later suspended
    A tweet from the BlackShadow account, which was later suspended
    A tweet from the Black Shadow account, which was later suspended
    (Photo: Screenshot)
    The group released personal documents such as ID numbers and drivers licenses and addresses that were allegedly stolen from Shirbit's systems - including that of a senior judge, although authorities claim information about customers’ credit cards was not leaked.
    The company and directorate's biggest worry lies in the fact that Shirbit was awarded the tender to provide car insurance for state employees several years in a row, meaning that the company holds vast amount of information on civil servants that may have now been compromised.
    4 View gallery
    דלף מידע מחברת ביטוח, חשד למתקפת סייבר
    דלף מידע מחברת ביטוח, חשד למתקפת סייבר
    Shirbit insurance company
    According to cyber experts, this is the same group behind a thwarted attack on Israel's major defense corporations a few months ago.
    The Capital Market, Insurance and Savings Authority, which supervises insurance and pension funds in Israel, said: "An initial inspection shows that the information leaked was customers' insurance details… The inspection is currently continuing.”
    Omri Segev Moyal, a cyber expert from cybersecurity firm Profero, said: "Israel is a preferred target for 'hacktivists', especially Islamists. We see such attacks on a regular basis… Due to the escalation with Iran, there is a real possibility they are behind the attack and are hiding behind the activist group instead of being officially exposed."
    4 View gallery
    דלף מידע מחברת ביטוח, חשד למתקפת סייבר
    דלף מידע מחברת ביטוח, חשד למתקפת סייבר
    Some of the personal data allegedly leaked by Black Shadow
    Einat Meyron, an expert in preparing for and handling cyber strikes in businesses said: "The [leaked] documents indicate the scale and depth of the hack. As everyone knows, Shirbit won the car insurance tender for state employees, so the incident is troubling for many. The fact that they gained access to much extensive information indicates a continuum of failures, lack of control and poor management. "
    Dr. Harel Menashri, one of the founders of the Shin Bet security service’s cyber directorate and the current head of cyber at Holon Institute of Technology, said the attack is most troubling.
    "We should remember that Shirbit had the tender for civil servants," said Menashri. "The thing now is to do damage control [as] these people - including civil servants and the senior judge - may be exposed to coercion, extortion and even surveillance.”
    Comments
    The commenter agrees to the privacy policy of Ynet News and agrees not to submit comments that violate the terms of use, including incitement, libel and expressions that exceed the accepted norms of freedom of speech.
    ""