Hours after leaking the personal details of users of an LGBTQ dating app, Iran-affiliated hacker group Black Shadow continued to wreak havoc Tuesday night as it released private information on nearly 300,000 Israelis receiving medical treatment at the Mor Institute, including patient requests and test results.
Follow Israel Hayom on Facebook and Twitter
Patients' credit card information does not appear to have been leaked at this time.
Black Shadow also published information on some 30,000 registered users of 103FM Radio's website and nearly 500,000 customers of Locker Ambin Ltd.
As was the case in the Atraf leak, the hackers shared the information via an Excel file shared with a new group they created on Telegram. The hackers also provided links allowing others to download information obtained from the Atraf app. The messaging app was forced to take action on the matter after being ordered to do so by the State Attorney's Office.
On Friday evening, BlackShadow announced it had hacked the servers of Israeli internet company Cyberserve. The hackers shuttered the company's servers and threatened to leak data pertaining to hundreds of thousands of users.
Cyberserve is a web hosting company that provides servers and data storage for companies such as the Kan public broadcaster, the Israel Lottery, Taglit-Birthright, the Dan and Kavim public transportation companies, the Children's Museum in Holon, LGBTQ dating app "Atraf," tour booking company Pegasus, the Israeli Children's Museum, and dozens of other sites.
BlackShadow first surfaced last year, with a massive breach of Israeli insurance company Shirbit and later of KLS Capital. Information from both companies' clients was leaked in the days following the breach.
The group, which had threatened to leak the data obtained from Atraf if a $1 million ransom was not paid within 48 hours, claimed to have leaked the entire user database after its demands were not met Tuesday night.
Meanwhile, another group of hackers known as Moses Staff claimed to have broken into the databases of three Israeli engineering firms: H.G.M. Engineering, David Engineer, and Ehud Leviathan Engineering. Moses Staff leaked personal information of those companies' clients, including their identification numbers.
The hackers claimed to "have all of the data and projects of the engineering companies we breached, including maps, pictures of letters, contracts, and more. You can download some of this data from the link below. The company's information will be published gradually," they said.
Moses Staff previously claimed to have accessed information on Defense Minister Benny Gantz and released some of his personal photographs and documents.
Oded Vanunu, the head of Product Vulnerability Research at American-Israeli software firm Check Point, told Israel Hayom: "The full leak from the Atraf website should be a warning sign on the national level and on the level of the companies storing personal information on the Internet. The personal details of Israeli citizens are repeatedly being leaked following cyberattacks that could easily have been prevented. We should assume the information will be used for very precise phishing attacks by additional hacker groups around the world."
Subscribe to Israel Hayom's daily newsletter and never miss our top stories!
