Iranian bank cyberattack publishes 15m customers’ details
Just a few weeks after Iranian protesters torched hundreds of bank branches throughout the country, the Islamic Republic’s financial authorities are dealing with another threat: A cyber attack caused the bank details of millions of Iranians to be published online, The New York Times reported.
“This is the largest financial scam in Iran’s history,” Iran’s Aftab News reported. “Millions of Iranians are worried to find their names among the list of hacked accounts.”
The details of approximately 15 million Iranians were published on the social media platform Telegram. Although Iran has been involved in a cyber war against the United States and Israel in the past, the country’s government claimed that the breach is not the work of foreign agents.
Mohammad-Javad Azari Jahromi, Iran’s minister of information and communications technology, responded that the attack was the work of a “disgruntled contractor who had access to the accounts and had exposed them as part of an extortion attempt,” according to the Times.
Cyber experts have disputed this, the newspaper wrote. The breach is so large that it was more than likely the work of a foreign state or state-funded body.
The attack targeted customers of Iran’s three largest banks, Mellat, Tejarat and Sarmayeh, which have yet to issue any statements. All three banks have been under US sanctions for over a year, accused of transferring money on behalf of Iran’s Islamic Revolutionary Guard Corps.
According to the Times report, the accounts’ information was published on a channel called “Your banking cards” on the messaging app Telegram. The first message warned “we will burn the reputation of their banks the same way we torched their banks,” referring the banks burned by protesters throughout November.
The Telegram message also stated that the perpetrators had demanded payment from the banks and, since they had not received payment, they would be releasing the details of millions of bank customers.
Israeli cybersecurity company ClearSky was among the first to issue warnings of the breach, and CEO Boaz Dolev told the Times that the size of the breach indicated that whoever was responsible possessed “high technological capability, which is usually at the hand of state intelligence services.”