Hack Exposes Israeli Credit Card Information

JERUSALEM — Hackers claiming to be Saudis posted credit card information of thousands of Israelis on the Internet, credit card companies said Tuesday, in what appeared to be a politically motivated attack. One expert played down its scope.

The Israeli Ynet news website said the hackers, identifying themselves as Group-XP, called the cyber attack a "gift to the world for the New Year" that they hoped "would hurt the Zionist pocket."

They claimed to have compromised 400,000 credit-card holders, but Israel's central bank said only about 15,000 active cards were affected.

"Group-XP is a known Saudi hacking group that seeks to propagate Wahhabism," the strict form of Islam practiced in Saudi Arabia, said Gadi Aviran of Terrogence Ltd., an Israeli web intelligence company.

"The fact that the hackers offered the credit card details for free and admitted to using the cards in order to expand their activity and cause more damage to Israelis in the future shows that they were not motivated by criminal intent or greed," he said. "This event is less cyber warfare than cyber terrorism."

Another cyber expert, Gadi Evron, told The Associated Press that it would be almost impossible to verify the attackers were Saudi.

Evron, who once oversaw security for the Israeli government Internet provider, said the attack was "nothing special" technically and was mundane, given the millions of credit card numbers stolen online daily.

"Potentially, such attacks could be devastating," he said. "This is not one of them."

It focused attention again about potential dangers for consumers in using electronic commerce services, he said, and demonstrated how relatively simple attacks could affect an entire country.

Ynet said the information was posted on an Israeli sports website and removed shortly after it appeared. Credit card companies said they blocked Internet purchases on the compromised cards and would issue replacement cards soon.

Israeli security officials said Israel's Shin Bet internal security agency has a special unit that advises sensitive sectors considered vital to security, like public utilities, about Internet security. It recently added banks and cell phone companies.

The officials spoke on condition of anonymity because they were not authorized to discuss security matters.

Evron said Israel, a high-tech powerhouse, is one of the most frequently hacked countries in the world, though the attacks generally are not sophisticated. Many of the attacks are linked to pro-Palestinian or pro-Arab hackers, he said.

"As a rule, whenever there is some sort of ethnic or political tension around the world...you can guarantee that two days later or an hour later, for at least a few weeks, there are going to be some kind of online attacks going on," Evron said.

There have been no confirmed reports of sensitive Israeli government sites being hacked. Several weeks ago, websites of Israeli spy services and other official sites briefly went down, but the government denied pro-Palestinian hackers were to blame and characterized the event as a technical malfunction.

________

Additional reporting by Ian Deitch.

Related on HuffPost: