Eight arrested in Israel and Thailand for Leumi Card data breach

Former employees demanded millions, threatened to leak credit card info

November 16, 2014 22:42
2 minute read.
Credit card

Credit card. (photo credit: MARC ISRAEL SELLEM/THE JERUSALEM POST)


Dear Reader,
As you can imagine, more people are reading The Jerusalem Post than ever before. Nevertheless, traditional business models are no longer sustainable and high-quality publications, like ours, are being forced to look for new ways to keep going. Unlike many other news organizations, we have not put up a paywall. We want to keep our journalism open and accessible and be able to keep providing you with news and analyses from the frontlines of Israel, the Middle East and the Jewish World.

As one of our loyal readers, we ask you to be our partner.

For $5 a month you will receive access to the following:

  • A user uxperience almost completely free of ads
  • Access to our Premium Section and our monthly magazine to learn Hebrew, Ivrit
  • Content from the award-winning Jerusalem Repor
  • A brand new ePaper featuring the daily newspaper as it appears in print in Israel

Help us grow and continue telling Israel’s story to the world.

Thank you,

Ronit Hasin-Hochman, CEO, Jerusalem Post Group
Yaakov Katz, Editor-in-Chief

UPGRADE YOUR JPOST EXPERIENCE FOR 5$ PER MONTH Show me later Don't show it again

Eight former bank employees, in Israel and Thailand, tried to extort millions of shekels from Leumi Card Ltd., the credit card issuer affiliated with one of the nation’s largest banks, police said on Sunday.

The ex-employees threatened that if they didn’t get the money, they’d sell the details of millions of credit cards of bank customers to the highest bidder, police said.

Be the first to know - Join our Facebook page.

The case went public on Sunday, a day after officers from the Israel Police Cyber Crimes Unit arrested seven former Leumi Card employees in Israel, and Thai and Israeli police arrested the ringleader, at his residence in Thailand.

The investigation began two weeks ago, police said, after Eliran Rosnis, the former employee living in Thailand, contacted Leumi management saying that he would sell the credit card information to the highest bidder if he was not paid millions of shekels, police said. The suspect, a former employee of the bank, had been living in Thailand for the better part of a year after the company fired him.

Investigators said the suspect contacted Bank Leumi by using the “Dark Net,” the online network popular for illegal activities, where IP addresses aren’t shared.

Police said he told the bank that before leaving the company he copied the details of customers and was ready to sell them if his demands were not met. They said that none of the customer details were revealed before the ring was arrested. Though the stolen information included names, card numbers and government- issued ID card numbers, it did not include the security codes located on the back of the cards or data on magnetic strips, which could be used to recreate the cards.

Five of the suspects were in court on Saturday night.

They were named as Ziv Derin, Avraham David, Asaf Mor, Elad Aboulafia, and Moti Alon. Their remands were extended until Thursday.

The accused ringleader of the extortion attempt arrived in Israel on Sunday morning from Thailand, and will be brought for a remand extension on Sunday afternoon.

“It is important for me to emphasize that there is no suspicion of damage of any kind to our customers,” Leumi Card CEO Hagai Heller said, adding that the company was treating the breach with the utmost level of seriousness and would draw conclusions when the police investigation closed.

The bank has not undertaken new hiring or screening procedures for its employees.

Data breaches from major companies in recent months have shown the growing challenge of cyber security. Last December, US retailer Target announced that data on its customers had been compromised, affecting up to 70 million people. In September, Home Depot, also in the US, revealed a similar breach of its payment data system.

Unlike those examples, Leumi’s breach occurred from within the organization, accentuating the challenge of preventing internal data theft. That problem, too, made headlines in recent years, when National Security Agency contractor Edward Snowden ran off with secret files, and US Army soldier Bradley Manning turned classified information over to WikiLeaks.

Related Content

Reuven Rivlin
July 22, 2018
In shadow of Hayun questioning, Rivlin holds Tisha Be’av study session