The Limited Times

Now you can see non-English news...

The sensitive tender and the late response: Cyber ​​experts warn of a huge breach in the wand - Walla! news

2020-12-01T19:13:00.013Z


The hacker group announced an intrusion into the insurance company's systems yesterday, but it announced a suspicion of information leakage only this morning and asked for help from the national cyber system. It is estimated that information from tens of thousands of people collected over the years has leaked. Experts in the field have expressed concern: it is not clear if this is all that has been leaked, but the picture is worrying


  • news

  • News in Israel

  • Criminal news and law

Sensitive tender and late response: Cyber ​​experts warn of a huge breach in the wand

The hacker group announced an intrusion into the insurance company's systems yesterday, but it announced a suspicion of information leakage only this morning and asked for help from the national cyber system.

It is estimated that information from tens of thousands of people collected over the years has leaked.

Experts in the field have expressed concern: it is not clear if this is all that has been leaked, but the picture is worrying

Tags

  • Cyber

  • hackers

  • Shirbit

Mikey Levy

Tuesday, 01 December 2020, 11:19

  • Share on Facebook

  • Share on WhatsApp

  • Share on general

  • Share on general

  • Share on Twitter

  • Share on Email

0 comments

  • Speech by Hezbollah Secretary General Hassan Nasrallah on Martyrdom Day, 11 ...

  • Netanyahu: Shame that Gantz uses the IDF as a tool for political blasting ...

  • The High Court recommends that the State Attorney's Office open an investigation into the leak ...

  • Netanyahu "out of national responsibility - I decided tonight to accept ...

  • Carmel Meuda, who is accused of abusing children, testified, the parents ...

  • Suspected murder: A 35-year-old man was found dead with gunshot marks at the site ...

  • The Committee for the Advancement of the Status of Women is discussing a plan to reduce ...

  • A 17-year-old boy from a candle shield was stabbed to death in a brawl;

    7 suspects ...

  • Violence incident in Jerusalem, two family members were seriously injured ...

  • Murder in Araba: A man collided with his ex-wife's car and stabbed her ...

  • The court discusses the arguments for the sentence of the head of the Julis council ...

  • Shooting at a bank branch in Marar: suspect killed, young woman moderately injured ...

Edited by Nir Chen

Sources in the cyber industry warned today (Tuesday) that the hackers who broke into the servers of the "Shirbit" company may have even more information than what was published.

"This is a very big attack," the sources say, "on the one hand they have published quite a few things. On the other hand, it is not clear if this is all there is or it is just a promo. One way or another it is quite a bit. It is difficult to know everything they have, so far It's very worrying. "



The BlackShadow hacker group claimed responsibility for the hack into the company's servers, and posted huge amounts of customer and document information on its Twitter and telegram accounts, from 2012 to 2020, in a volume of 929 gigabytes.

In the leaked information, you can find ID numbers - which are used by many bodies, including government agencies, as a secondary means of verification.

Less than a month ago, Shirbit won a tender for private car insurance for civil servants in 2021, with many insured serving in the security forces.



Among the recordings posted on the attackers' telegram page, there is a conversation with a customer, her ID number and the details of the accident she spoke to the company about.

In addition, an email was published containing credit card details, as well as the details of Judge Gilad Neutel, who serves as president of the Tel Aviv District Court.

More on Walla!

NEWS

Hackers hacked into the servers of the insurance company "Shirbit" and leaked personal information on a huge scale

To the full article

Huge amount of documents collected over the years (from the documents published by the blackShadow group)

It is not clear how long the attackers planned and worked on the attack.

"Hackers are working with automated tools, looking for a burst (eg date software or information push, allowing entry - mL) automatically, and once entering derive the information within minutes," says an executive at a cyber large.



"This does not necessarily mean that's what happened , But in general, to get a lot of information does not need prolonged tracking.

"Of course there are completely different scenarios - and all on the table right now because it is not clear - such as tracking a specific employee, or dropping employees through various scams," he concluded.

Sensitive information of customers, including civil servants (from the documents published by the blackShadow group)

The hacker group's accounts announced the attack as early as 4pm yesterday.

However, just this morning, "Shirbit" announced, in conjunction with the Capital Market, Insurance and Savings Authority and the National Cyber ​​Array, that it is investigating a suspicion of a cyber attack on the company's website and its servers and a leak of private customer information.

The company began investigating the suspicion last night, and asked the national cyber system to assist them in locating the information leak and the damage of the hack.



The joint announcement to the company and the capital authority stated that the investigation into the matter is ongoing but according to India that they estimate that information has indeed been leaked.

"An initial inspection shows that this is information about customers' insurance details. In a joint effort by the authority and the system, the inspection continues," it was reported.

The cyber system and the Capital Market Authority stated that "as a result, the system, together with the authority, has refined its guidelines for the institutional bodies in the economy."



"Information obtained from the company and tests conducted suspect a cyber incident against the company, in which insurance documents were issued from the company. We note that the data released does not contain information that could harm our insureds. The company has taken and will continue to take all necessary measures to prevent such incidents." Which was sent to the company's customers, and it was emphasized that the incident was still being processed.

The company's website, which is still disabled, states that "Shirbit works to protect the confidentiality of the data using advanced security methods and is committed to the issue. The information security on the website is intended to ensure customer identification and encryption of the identification data transmitted during the call process."

Despite this, the leaks published by hackers showed credit details and IDs that had passed through the email, without encryption.

  • Share on Facebook

  • Share on WhatsApp

  • Share on general

  • Share on general

  • Share on Twitter

  • Share on Email

0 comments

Source: walla

All news articles on 2020-12-01

You may like

Trends 24h

News/Politics 2024-03-28T06:04:53.137Z

Latest

© Communities 2019 - Privacy

The information on this site is from external sources that are not under our control.
The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.