Iransurance Breach: ‘irleaks’ Hacker Sells 160 Million Records from Iranian Companies

The Israeli cybersecurity firm Hudson Rock has reported a series of large-scale cyberattacks targeting major Iranian insurance services and online food ordering platforms, affecting a substantial portion of Iran’s 88-million-strong population.

According to Hudson Rock, on December 20th, a hacker known as “irleaks” posted on a cybercriminal marketplace offering for sale over 160 million records from 23 leading Iranian insurance companies.

The data breach encompasses personal details including names, surnames, birthdates, phone numbers, national codes, company codes, and other sensitive information.

In a sample of the data analyzed by Hudson Rock, passport numbers and other personal details were also discovered. Researchers confirm the authenticity of the data and note the high complexity of an attack on so many insurance companies.

On December 30th, the same hacker “irleaks” reported a breach of Iran’s largest online food ordering company, SnappFood, resulting in a leak of 3 TB of data containing highly personal information. SnappFood has confirmed the hacking attempts and announced an investigation into the incident.

During their investigation, Hudson Rock researchers identified a recently compromised SnappFood employee whose computer was infected with the StealC malware. The infection exposed a large amount of confidential organizational data, which likely served as the initial vector for the attack.

Researchers raise the question of the possible involvement of state-sponsored hacker groups in these sophisticated cyberattacks. In their report, researchers referred to the incidents as “Mysterious Hacker Attacks on Iran.”