Credit card firms scramble to protect hacking victims

Hackers post thousands of Israeli credit card numbers online; Bank of Israel recommends customers monitor accounts.

By YAAKOV LAPPIN, NADAV SHEMER
keyboard computer Internet cyber warfare 311 (photo credit: Thinkstock/Imagebank)
keyboard computer Internet cyber warfare 311
(photo credit: Thinkstock/Imagebank)
Hours after Saudi hackers hit Israel with its largest-ever financial Internet attack, credit card companies on Tuesday took steps to protect tens of thousands of customers whose details were leaked online.
The companies said the incident was less severe than had first appeared, but that between 14,000 and 15,000 active credit accounts had been compromised.
RELATED:Hackers hit US security think tank's website
The hackers initially claimed they published account details of 400,000 people, though subsequent checks found that the majority of card numbers were wrong, or were duplicates.
Credit card companies were inundated with phone calls and Internet visits from worried card holders throughout Tuesday. Customers were seeking to ensure that they did not fall victim to credit card fraud.
Many struggled to get in touch with their card providers.
The hackers encouraged people worldwide to use the information posted online to make purchases, and said they would continue to publish more account information in their possession.
The affected cards belong to the Isracard, Leumi Card and Cal (Israel Credit Cards) companies.
Isracard, the country’s largest credit company, was the worst hit, with 6,600 cards exposed. The company caters to some 3.3 million Israelis, and has issued around 7 million credit cards in total.
“Our security division blocked affected cards overnight,” Isracard said.
“New cards will be issued immediately to all affected customers.”
Isracard CEO Dov Kotler said security every year to prevent fraud. Any customer who had money stolen as a result of misuse would be automatically compensated, he said.
Isracard also added a tool on its website to allow customers to check if their credit card information was compromised.
Visa CAL and Leumi Card also announced that they would suspend all accounts that were listed in the post, contact the affected customers, and issue new credit cards.
The Bank of Israel joined the scramble to respond to the incident, blocking all affected cards for telephone or Internet use. It announced that customers would not bear responsibility for fraudulent use of their cards, but recommended that they examine charges in their statements and report any unusual activity swiftly.
The stolen information was stored on two coupon websites, which were accessed via a third site that was on the same server, but which lacked sufficient defenses, said the Dooble Internet company, which hosts the sites.
Dooble stressed that it did not construct the site that was broken into.
It likened the attack to a burglar bursting into one apartment to gain access to another in the same building.
A hacker who called himself “OxOmar” said he was head of the Wahhabi Saudi Internet group, and described his actions as “a gift to the world for the new year,” adding, “It is fun to see 400,000 Israelis in panic.”
“The Israeli cards will lose credibility in the world’s eyes, like the Nigerian cards,” he wrote.
The hackers, claiming to be part of the well known international Anonymous hacking group, published a 30- megabyte file on the popular Israeli sports website One, after online attackers temporarily seized control of its homepage.