2 min read

Israel shaken by data leak after ransomware attack at Shirbit insurance company

Graham CLULEY

December 07, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Israel shaken by data leak after ransomware attack at Shirbit insurance company
  • Hackers leak screenshot of negotiation with breached insurance giant
  • Israeli government reportedly reconsidering relationship with insurance firm following security breach

A hacking gang calling itself Black Shadow has demanded a giant insurance firm pay a US $3.8 million ransom after encrypting and stealing sensitive data and documents about its clients.

Customers of the victim, Israel’s Shirbit insurance company, have been advised to consider obtaining new identity cards and driving licenses due to the risk of identity theft after the hackers released a third wave of stolen data this past weekend.

Leaked data has included scans of identity cards, marriage certificates, and financial and medical documents.

The latest leak by Black Shadow of data from Shirbit followed the insurance company’s refusal to meet a Saturday 9am deadline set by the extortionists to pay the 200 bitcoin ransom.

Initially, the attackers requested a 50 bitcoin (approximately $950,000) ransom be paid, but this increased to 100 bitcoin after Friday 9am, and then to 200 bitcoin by Saturday morning.

For its part Shirbit has said that it will “not give in to this kind of terrorism.”

Late last week, the hackers shared a screenshot of what they claimed was a negotiation via WhatsApp between themselves and someone called “Ilia” representing Shirbit.

Part of the conversation read as follows:

Ilia: Good morning, I’m Ilia, and ill be communicating with you on behalf of Shirbit CEO.

Black Shadow: Hello

Ilia: Good to communicate. Finally. Is it good time now or its middle of night there?

Black Shadow: Good

Ilia: Good. How we move forward?

Black Shadow: If you pay us 50 BTC, we will not leak anything anymore

Ilia: Yes. This I understand from text. but you know that its not work like that. Like dating, we need to now a little one the other.. To know. sorry

Black Shadow: So, if you dont pay we will leak part of data at 9:00 am tomorrow

Following the data leak, Black Shadow released a statement threating to publish more stolen data:

“We did what we promised. The company did not want to pay us. Shirbit proved to everyone that clients” documents are not important to them,” adding that “we still have ten terabytes of information left.”

No doubt there are many clients of Shirbit concerned about the security breach, and worried that their data may fall into the hands of criminals as a result of the attack.

Amongst those clients are the Israeli government, which according to some media reports will reconsider using Shirtbit as an insurance provider for government workers in the wake of the security breach.

tags


Author



Right now

Top posts

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Israeli Authorities Seized Severs of Breached Company for Not Cooperating Israeli Authorities Seized Severs of Breached Company for Not Cooperating
Silviu STAHIE

July 04, 2022

1 min read
FTC warns LGBTQ+ community of extortion scams targeting them on dating apps FTC warns LGBTQ+ community of extortion scams targeting them on dating apps
Graham CLULEY

July 01, 2022

2 min read
OpenSea Breach Exposes 1.8 Million Email Addresses. How does it affect you? OpenSea Breach Exposes 1.8 Million Email Addresses. How does it affect you?
Radu CRAHMALIUC

June 30, 2022

3 min read