02 September 2014

Hacker posts details of 3 million Iranian cards; claims highlighting security hole

17 April 2012  |  5018 views  |  0 biometric  eye

An Iranian hacker claims to have posted the details of around three million debit cards on his blog in a bid to draw attention to a security flaw he says banks are ignoring.

Khosrow Zarefarid, a former software development manager at Eniac, operator of the Shetab payment network in Iran, claims that he found a security vulnerability with the system a year ago.

However, when he tried to bring the issue to the attention of Iran's banks, sending a formal report to CEOs and sending them details of 1000 accounts as proof, his warnings were ignored.

Now out of the country, Zarefarid has moved to highlight the problem by publishing card numbers belonging to around three million Iranians, from over 20 banks, on his blog.

According to Iran-based Kabir News, three banks, Saderat, Eghtesad Novin and Saman, have sent customers text messages urging them to update their PINs. Iran's central bank has also issued a statement, telling people to change their PINs and revealing that some accounts have been blocked because of the breach.

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Related blogs

Create a blog about this story (membership required)

Related stories

08 February, 2012
20 January, 2012
03 January, 2012
11 November, 2011
07 November, 2011
18 October, 2011

Featured job

Competitive base, bonus, full benefits
Boston, MA (USA)

Find your next job