Iranians exposed by “mysterious hacker,” selling staggering amounts of data


Iran’s leading insurance and food ordering companies were hit by massive cyberattacks that exposed a large part of its 88M population, a report by Israeli cybersecurity firm Hudson Rock reveals.

A hacker using the alias “irleaks” posted their first thread on a cybercrime marketplace on December 20th, offering for sale over 160,000,000 records of Iranian data from 23 of the country’s leading insurance firms.

“The data includes first name, last name, birth date, father’s name, phone number, mobile number, national code, company national code, etc.” the hacker writes.


The data sample observed by Hudson Rock includes passport numbers and other sensitive details. Hudson Rock researchers confirm that the data appears to be genuine and note that pulling off an attack against this many insurance companies is wildly difficult.


The second post by the same threat actor on December 30th claimed to have hacked Iran’s largest online food ordering company, SnappFood. The staggering amount of data (3TB) includes sensitive details as follows:

SnappFood confirmed the attempts in a statement, in which the company claimed it was investigating the hack and the attempts to sell information directly.

Hudson Rock researchers identified a recently compromised SnappFood employee who had their computer infected with a StealC infostealer.

“The infection of this employee’s computer resulted in many sensitive credentials of the organization being accessible to some hackers and may have been used as an initial attack vector against the company,” the report reads.

Researchers raise the question of whether such sophisticated attacks, pulled off by a single hacking group against industry-leading companies, were state-sponsored.

The researchers titled their report “Mysterious hacker strikes Iran.”
