An Iranian hacker published the information of the 3,000,000 debit cards including the number and their password in a blog.
The information has been published by someone named “Khosrow Zare Farid” who was the manager of the Eniak company. Eniak is the operator of Shetab payment network in Iran and they produce and install POS devices. “Around one year ago I found a critical bug in the system. Then I wrote and sent a formal report to all the CEO of banks in Iran but none of them replied to me. Now I decided to publish the information. Also governments tried to catch me by Iran Cyber Army but they failed.”
Today 3 of Iranian banks including Saderat, Eghtesad Novin and Saman sent SMS for their clients to update the password of their debit cards. Also the Central Bank of Iran issued a declaration which was marked “important” in the official website.
“According to the rumors which are published in virtual world, We ask people to change the password of their debit cards if they have not changed the main password in the previous months. This will maximize the security of your accounts and improve the restrictions of illegal usage of debit cards. Some banks have changed or block their customers accounts because of this action, so we are sorry about what has happened for these customers.” CBI announced in a formal declaration.