A hacking group affiliated with Iran has said over the weekend that it had managed to hack an Israeli internet hosting company and steal large amounts of personal data from a popular LGBTQ dating site.
Besides the "Atraf" dating site, the cyberattack also hit websites of Israeli public transport companies Dan and Kavim, a children's museum and public radio's online blog, with none of the sites available to users by midday Saturday.
The hacking group known as Black Shadow claimed responsibility for the attack and published what it said was client data, including the names, email addresses and phone numbers of Kavim clients, on the Telegram messaging app. Among the clients whose data was leaked appear to be four HIV-positive individuals.
The site itself, meanwhile, remains unavailable, some three days after the initial attack.
"Hello Again! We have news for you," the hackers wrote in a message on Telegram on Friday night. "You probably could not connect to many websites today. 'Cyberserve' company and their customers (were) hit by us," it said.
One of the HIV-positive clients whose details have been leaked, said, “Whoever registered as a [HIV] carrier in this app knows that it can reach the whole world. It's serious to acknowledge such a thing… [the attack] is a problem, it’s a big deal.”
Sahar Cohen, another user of the site, said, "If anything is leaked from the site, it will be a very serious privacy attack. Atraf is used, among other things, for flirting and realizing sexual fantasies… Outing a person is not like leaking an insurance policy, it's the most private thing in the world."
The Israel AIDS Task Force issued a statement, saying, "The thought that a person's HIV status will be revealed against his will bothers us greatly. For many this is sensitive information, and its very exposure, not through choice, is worrying."
The Black Shadow hacker group is the same one that managed to infiltrate the servers of Israeli car-financing company KLS Capital and steal a substantial amount of client information back in March, for which they demanded a ransom worth NIS 1.9 million in Bitcoin (to a value of $570,000), which the firm rejected.
The hacker group also carried out a major cyberattack against Israel's Shirbit insurance company in December, during which they demanded a ransom of no less than 200 Bitcoins (worth $3.8 million), for the return of the stolen information.
AFP contributed to this report