Thed Saudi Arabian hacker who styles himself OxOmar claims that he has details of some one million credit cards belonging to Israelis, mocking the claims of Israeli credit companies that details of only 14 thousand credit cards were stolen in the break0in to Israeli websites.
"We decided to give the world a gift for New Year's the personal information of 400 thousand Israelis,” the Saudi hacker wrote. In a message posted today, he claimed that only a single file that he had uploaded contained details of 27, 000 working cards. The hacker claims to have made purchases using the card details, and urges others to follow suit.
Isracard CEO Dov Kotler said this week that dozens of purchases had been identified that had been made with the stolen details, but for small amounts, and that the cards had swiftly been blocked from making Internet purchases.
Today, Omar has published an additional list with details of 11,000 cards, and claims that this is a partial list out of 60,000 cards details of which will be published in full shortly.
"Globes" checked and found that in the new file that has been released are full details of credit cards, including expiry date and CVV (the three digits on the back of the card), full names, addresses, and telephone numbers. The file also contains e-mail addresses and passwords. From the sample check by "Globes" it appears that the e-mail account passwords work, and that anyone who lays hands on the file can break into e-mail inboxes without difficulty. This of course means that the problem is far greater than use of credit cards alone.
Despite earlier denials by security experts that this was a deliberate hacking attack on Israel, there now appears to be no doubt that it is such an attack, as indicated by the hacker's frequent use of the words "Zionist" and "Zionist lobby". It is not yet known which website the credit card details were stolen from. "I've hacked more than 80 Israeli servers to gather those data… I've hacked much more than you can imagine, but I hate fake media and Zionist lobby in media and internet," the latest post by the hacker says.
The Bank of Israel said that the matter was under investigation.
Isracard said, "The company is investigating the matter thoroughly, and we will act immediately to protect our customers."
Leumi Card said, "After examination of the new list, it emerges that only a few dozen Leumi Card cards are involved. Use of these cards on the Internet has already been restricted, and we are currently contacting the relevant customers. We are ready for any possible scenario, and we are investing all our resources to protect our customers, as was demonstrated in this week's events."
Israel Credit Cards-Cal Ltd. (ICC-Cal) (Visa) said, "In the file released today, Thursday afternoon, details appeared of some 800 of our company's customers. The cards were immediately blocked from Internet and telephone purchases, and notification is now being sent to the customers. Customers can go the company website at www.cal-online.co.il, type in their ID number and the last four digits of their card number, and receive an immediate answer as to whether details of the card have been revealed. As in the previous incident, now too all ICC customers are protected and will not be harmed. We will take care of issuing customers with new cards within a few days."