JERUSALEM (VINnews) — Israeli insurance company Shirbit has been targeted by hackers in recent days who released sensitive client information both before and after the company refused Friday to pay an approximately $1 million ransom being demanded.
Join our WhatsApp groupSubscribe to our Daily Roundup Email
The hackers, who call themselves Black Shadow, published thousands of ID cards, medical documents, checkbooks and other private customer information, including marriage licenses, drivers licenses and bank account information, according to a report by Israel’s Channel 12 news.
Samples of leaked information
The hackers have now doubled and quadrupled their demands and are threatening to sell the information to third parties if the company does not transfer 200 bitcoins (nearly $4 million dollars) to their account by Sunday morning. On Saturday the hackers revealed more information including numerous personal documents of policy owners.
In response Shirbit stated that they “will not give in to this kind of terrorism.”
Before the deadline, the hackers released a statement that said “Shirbit has not paid us the money yet. It seems like the leak of the private details of their customers, employees, and government employees is not important to them.”
In a Friday statement explaining their refusal to pay the demanded sum, Shirbit said that after negotiations all Thursday night, “all the relevant professionals came to the unanimous conclusion that cyberterrorism is aimed at causing strategic harm — and there is no financial motive behind it.” The statement seemed to hint that the attack against the company was aimed at Israel in general, but this assumption was not corroborated by news sources.
In response, Black Shadow released screenshots of alleged Whatsapp correspondence with Shirbit, stating that the insurance company was “playing games” with them even though “our message was clear” and boasting that they “still have ten terabytes of information left [to leak].” The hackers added that “Shirbit proved to everyone that clients’ documents are not important to them.”
In one part of the alleged exchange between Ilia, Shirbit’s putative representative and Black Shadow, the former tried appealing to their sense of honor, asked them to split the ransom payments and tried to pry information out of the hackers.
In one part of the exchange, Ilia, asking to put off the deadline so that he could secure “government approvals,” and told the hackers “ok bro. I need you to be a mentch” — referring to the Yiddish word for a good person.
Black Shadow took responsibility for the attack which started last Tuesday, boasting of its success in a series of tweets in poorly-written English that included images of some of the information taken, as well as technical details apparently intended to show the scale of the assault.
“A huge cyberattack has been taken place by Black Shadow team,” the group tweeted. “There has been a massive attack on the network infrastructure of Shirbit Company, which is in Israel economic sphere.”
“In this action, in addition to serious damage to data centers, information of a significant part of the company’s subscribers has been leaked,” the group continued, saying it had taken “subscribers identity documents, financial statements and other company-related documents.”
“Also all of customer’s and employee’s identities have been hacked,” Black Shadow said. It did not provide any motive for the attack.