The personal information of thousands of Israelis was compromised on Tuesday, following a massive hack into the database of a major local insurance company.
The Capital Markets Authority and the National Cyber Directorate confirmed that there had been a cyberattack on the Shirbit insurance company and that its clients’ information had been leaked in the breach.
Founded in 2000, the Netanya-based Shirbit has upwards of 200 employees and is one of the largest insurance firms in Israel. Several years ago, it won a state tender and many of its clients are civil servants.
In a joint statement, the two agencies said that an investigation into a possible cyberattack was launched on Monday night amid suspicions that the company’s server had been compromised.
“An initial investigation found that information on the details of clients’ insurance is involved,” the statement said, noting that the investigation was still ongoing.
The hack was later claimed by a group calling itself “BlackShadow,” which posted images of some of the information taken, as well as technical details intended to show the scale of the assault, on its social media accounts.
“A huge cyberattack has been taken place by Black Shadow team,” the group tweeted. “There has been a massive attack on the network infrastructure of Shirbit Company, which is in Israel economic sphere,” the group’s poorly phrased tweet read.
Blackshadow warned that it was in possession of Shirbit’s client database, tweeting photos of ID cards, drivers’ licenses, emails and forms containing private information.
One of the documents linked appeared to show the personal details, including the home address and phone numbers, of Tel Aviv District Court Deputy President Judge Gilad Neuthal.
In a Telegram message to KAN 11 News, the group stated that they had other targets that they would disclose later and that they conducted the attack “for money,” without further clarification.
The group’s Twitter account was subsequently suspended.
Ido Naor, CEO of cybersecurity firm Security Joes, told Israel Hayom that “the hackers have a lot of information, probably dating back at least to 2015, including details about senior figures in the defense industries and sensitive information that was included in internal [Shirbit] emails. We believe that the hackers will demand ransom for the information, probably to the tune of $500,000 to $1 million in Bitcoin.”
Naor stressed that “insurance companies, in particular, and the Israeli economy, in general, must understand that hackers will look for new ways to breach them. Ahead of next year, their budgets must be increased and they have to ensure that all the systems are under tight security and supervision.”
He further noted that the hack was “very similar to the methods used by hackers from Iran, and their choice of communication [Telegram] reinforces that assumption.”
Dr. Harel Menashri, head of the Cyber Department at the Faculty of Technology Management at the Holon Institute of Technology and a former Shin Bet security agency officer, told Israel Hayom that “the organization that claimed responsibility for this hack could be a cover for a foreign intelligence agency, maybe even the Iranians.”
“The company places the field of safety and service to its customers at the top of its priorities, and is ranked year after year among the top insurance companies in Israel in its areas of activity, both by the Capital Market Division of the Ministry of Finance and by the Chamber of Insurance Agents.”
“The company places the information security and customer service as its top priority,” Shirbit CEO Zvi Leibushor said in a statement, adding that the firm “is continually ranked among the top insurance companies in Israel, both by the Capital Market Division of the Finance Ministry and by the Chamber of Insurance Agents.”