15 Million Debit Cards Exposed as Iranian Banks Fall Victim to Cyber Warfare

15 Million Debit Cards Exposed as Iranian Banks Fall Victim to Cyber Warfare (Dec 12, 2019)

According to Iranian media reports, the details of approximately 15 million debit cards have been exposed, affecting close to a fifth of the country’s population. According to Mohammad Javad Azari Jahromi, Iran’s Information and Telecommunications Minister, the personal data was stolen by a disgruntled contractor with access to the accounts, for extortion purposes, and exposed on a public Telegram channel. There is speculation as to whether the reported cause of the exposure is true, with cyber security experts suspecting a breach of this magnitude would more likely have been carried out by a state-sponsored intelligence organization. The banks affected were Mellat, Tejarat, and Sarmayeh, the three largest banks in Iran, and the data exposure could have lasting impressions, creating negative reputations of each bank’s security practices.

Recommendation: Bank accounts and credit card numbers should be protected with the utmost care, and only used with vendors that you trust to keep your information in compliance with the relevant standards. Regular monitoring of financial accounts in addition to identity protection and fraud prevention services can assist in identifying potential theft of data.

Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.