27 February 2017
visit nextgenbanking.co.uk

Hacker posts details of 3 million Iranian cards; claims highlighting security hole

17 April 2012  |  5638 views  |  0 biometric  eye

An Iranian hacker claims to have posted the details of around three million debit cards on his blog in a bid to draw attention to a security flaw he says banks are ignoring.

Khosrow Zarefarid, a former software development manager at Eniac, operator of the Shetab payment network in Iran, claims that he found a security vulnerability with the system a year ago.

However, when he tried to bring the issue to the attention of Iran's banks, sending a formal report to CEOs and sending them details of 1000 accounts as proof, his warnings were ignored.

Now out of the country, Zarefarid has moved to highlight the problem by publishing card numbers belonging to around three million Iranians, from over 20 banks, on his blog.

According to Iran-based Kabir News, three banks, Saderat, Eghtesad Novin and Saman, have sent customers text messages urging them to update their PINs. Iran's central bank has also issued a statement, telling people to change their PINs and revealing that some accounts have been blocked because of the breach.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Anonymous Brazil targets bank sites

Anonymous Brazil targets bank sites

08 February 2012  |  6884 views  |  0 comments
Israeli hackers take down Arab bank sites

Israeli hackers take down Arab bank sites

20 January 2012  |  7783 views  |  0 comments
Saudi hacker posts Israeli card details

Saudi hacker posts Israeli card details

03 January 2012  |  7791 views  |  0 comments
Hackers take Steam gamers' card details

Hackers take Steam gamers' card details

11 November 2011  |  5362 views  |  0 comments
Hackers confuse German stock exchange with French rugby site

Hackers confuse German stock exchange with French rugby site

07 November 2011  |  7008 views  |  0 comments
Hackers dump Citigroup CEO personal data on the Web

Hackers dump Citigroup CEO personal data on the Web

18 October 2011  |  9088 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
Visit Yelloco.co.ukvisit BNP paribas

Who is commenting?

A Finextra member Finextra Member Commented on: In wake of Cloudflare...
A Finextra member Finextra Member Commented on: Bank consultancy Zeb o...
A Finextra member Finextra Member Commented on: In wake of Cloudflare...

Top topics

Most viewed Most shared
EBA to relax controversial PSD2 authentication rulesEBA to relax controversial PSD2 authentica...
13333 views comments | 52 tweets | 74 linkedin
RBS to become fintech fund and high street outlet for challenger banks under HMT remedyRBS to become fintech fund and high street...
8759 views comments | 40 tweets | 34 linkedin
BNY Mellon seeks blockchain experts for new emerging biz and tech teamBNY Mellon seeks blockchain experts for ne...
7463 views comments | 7 tweets | 4 linkedin
hands typing furiouslyBlockchain Technology
7238 views 1 | 18 tweets | 7 linkedin
High rate of defaults hit P2P lending sectorHigh rate of defaults hit P2P lending sect...
7089 views comments | 19 tweets | 13 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job