JERUSALEM (JWN and agencies)—A Saudi computer hacker, who earlier this week sparked a minor consumer panic by stealing the data of some 15,000 Israeli credit card holders, struck again Thursday by announcing he had accessed 11,000 more cards and threatening to release the data of one million more.
The Saudi-based hacker, who goes by the code name 0xOmar, caused an uproar in Israel’s credit card market on Tuesday when he claimed to have published some 400,000 Israeli credit card numbers. However, immediate checks by Israel’s credit card companies found that most of the card numbers were either wrong or were duplicates, and that “only tens of thousands of newly issued cards” had been hacked.
The hacker left a message on the Saudi hacking group’s message board on Thursday that Group-XP is able to hack “much more than one can imagine.”
0xOmar claims to be the head of an organization called the Wahhabi Saudi Internet Group. He said in a message posted on the Saudi hackers’ Group-XP message board that the computer assault on Israel was “a gift to the world for the New Year.” “It is fun to see 400,000 Israelis in panic,” he wrote, adding, “The Israeli cards will lose credibility in the world’s eyes, like the Nigerian cards.”
The Saudis, who claimed to belong to the notorious international Anonymous hacking group, penetrated one of Israel’s popular sports websites, www.one.co.il, to access the personal information of hundreds of thousands of cardholders. Group-XP published a 30-megabyte file of credit card information on www.one.co.il after temporarily seizing control of the site. The website said it returned to normal functioning shortly after it was hacked.
Israel’s credit card companies quickly announced that they had identified all the hacked accounts and cancelled them before any bogus transactions were carried out. The hackers had encouraged people throughout the world to use the information they posted online to go shopping.
Causing credit card chaos in Israel was the apparent goal of Group-XP. As 0xOmar wrote: “400,000 people crowding Israeli credit card companies and banks and complaining their credit card details were stolen, watching as Israeli banks shredding 400,000 credit cards and issuing new ones.”
Nevertheless, Israel’s credit card companies were swamped with calls and e-mails from distraught customers for nearly two days until the panic subsided. The affected cards belonged to the Isracard, Leumi Card and Cal (Israel Credit Cards) companies, all of which announced they had cancelled the affected cards and were issuing new ones.
Isracard, the country’s largest, had some 6,600 cards exposed. The company has issued some 7 million credit cards to about 40 percent of Israel’s population, or about 3.3 million people. The company announced that its security division had “blocked affected cards overnight” and would issue new cards “immediately to all affected customers.”
The Bank of Israel quickly responded to the cyber-attack by blocking all affected cards for telephone or Internet use.