Bank customers in Iran have been told to change their credit and debit card passwords after three million account details were compromised in a hack.
The Persian Fars News Agency has reported that a “computer specialist”, formerly employed by a PSP (payment service provider), was responsible for the data breach.
“Around one year ago I found a critical bug in the system,” said Zare Farid, according to Kabir News. “Then I wrote and sent a formal report to all the CEO of banks in Iran but none of them replied to me.”
Following this initial lack of response from the banks, he sent them 1,000 account details to highlight the lack of protection afforded to customers, though this too failed to arouse concern.
Eventually, Zare Farid chose to publish three million card details obtained from more than 20 Iranian banks on his blog, finally provoking a reaction from the banks.
Saderat, Eghtesad Novin and Saman, three of the breached banks, sent a text message to customers over the weekend, asking them to update bank card passwords. The Central Bank of Iran (CBI) also issued a warning, but added that fraud seemed unlikely considering the details leaked in the breach.
“It is possible that certain individuals have some information… but they cannot use this information until the bank cards are not in their possession,” said Nasser Hakimi, a CBI official, speaking to the Persian service of IRNA.
Is your bank account safe? Try our Internet security quiz
Google clashes with US Justice Department in closing arguments as government argues Google used illegal…
Prominent Stanford University AI scientist Fei-Fei Li reportedly completes funding round for start-up based on…
Apple shares surge on optimism that new AI-focused hardware launches will drive renewed sales, starting…
Biden vetoes Republican-backed measure amidst dispute over 'joint employer' status for contract workers, affecting tech…
Lawyers in US social media addiction action say strict controls on Douyin in China show…
More than 10,000 London black cab drivers sue Uber claiming company acted illegally to obtain…