Hours after leaking the personal details of users of LGBTQ dating app Atraf, Iran-affiliated hacker group Black Shadow continued to wreak havoc on Tuesday night, releasing private information on nearly 300,000 Israelis receiving medical treatment at the Mor Institute, including patient requests and test results.
Patients’ credit-card information does not appear to have been leaked at this time.
Black Shadow also published information on some 30,000 registered users of 103FM Radio‘s website and nearly 500,000 customers of Locker Ambin Ltd.
As was the case in the Atraf leak, the hackers shared the information via an Excel file shared with a new group they created on Telegram. The hackers also provided links allowing others to download information obtained from the Atraf app. The messaging app was forced to take action on the matter after being ordered to do so by the State Attorney’s Office.
On Friday evening, Black Shadow announced that it had hacked the servers of Israeli internet company Cyberserve. The hackers shuttered the company’s servers and threatened to leak data pertaining to hundreds of thousands of users.
Cyberserve is a web-hosting company that provides servers and data storage for Atraf, the Kan public broadcaster, the Israel Lottery, Taglit-Birthright, the Dan and Kavim public transportation companies, the Children’s Museum in Holon, tour-booking company Pegasus, the Israeli Children’s Museum and dozens of other sites.
Black Shadow first surfaced last year, with a massive breach of Israeli insurance company Shirbit and later of KLS Capital. Information from both companies’ clients was leaked in the days following the breach.
The group, which had threatened to leak the data obtained from Atraf if a $1 million ransom was not paid within 48 hours, claimed to have leaked the entire user database after its demands were not met on Tuesday night.
Meanwhile, another group of hackers, known as Moses Staff, claimed to have broken into the databases of three Israeli engineering firms: H.G.M. Engineering, David Engineer and Ehud Leviathan Engineering. Moses Staff leaked personal information of those companies’ clients, including their identification numbers.
The hackers claimed to “have all of the data and projects of the engineering companies we breached, including maps, pictures of letters, contracts and more. You can download some of this data from the link below. The company’s information will be published gradually,” they said.
Moses Staff previously claimed to have accessed information on Defense Minister Benny Gantz and released some of his personal photographs and documents.
Oded Vanunu, the head of Product Vulnerability Research at American-Israeli software firm Check Point, told Israel Hayom: “The full leak from the Atraf website should be a warning sign on the national level and on the level of the companies storing personal information on the Internet. The personal details of Israeli citizens are repeatedly being leaked following cyberattacks that could easily have been prevented. We should assume the information will be used for very precise phishing attacks by additional hacker groups around the world.”
This report first appeared in Israel Hayom.
