The personal information of thousands of Israeli credit card users has been stolen.  How do you know if you’re affected, and what should you do?

The incident
A hacker working under the name 0xOmar has hacked Israeli databases to obtain the credit card information and other personal details of Israelis in an effort to damage Israel and individual Israelis, Jewish and non-Jewish alike.

How the theft is being handled
The Bank of Israel has been working closely with the banks to supervise their handling of the hacking.

The credit card companies reported that they have identified the cards of the customers whose details were exposed on the Internet, and the cards have been blocked for use in Internet purchases and telephone purchases. This is expected to prevent fraudulent use of the cards through these methods, following the exposure of the information. The companies are contacting the customers in order to exchange the cards that they own. Service centers of all the companies are set to provide answers to customers, and customers who suspect that their card has been misused can turn to the credit card company in order to look into the need to cancel the charge.

Check if yours was among the stolen and exposed
The three major Israeli credit card providers have all put up private search engines for you to check whether your card was compromised.


  • Check your IsraCard status using your ID number
  • If you receive a message that your card has been blocked, it has only been blocked for internet and telephone purchases, and a new card will be sent to you soon.

Leumi Card

Cal Card

  • Check your Cal Card status using your ID number and credit card information
  • Look under “?בדוק – האם פרטי כרטיסך נחשפו”

Will those affected be charged for the fraudulent activity?
The Bank of Israel states that no customer should pay for the fraudulent activity and reminds customers to verify that no fraudulent charges appear on their bills.

The Banking Supervision Department wishes to clarify that the customers will not bear responsibility for fraudulent use of the cards as a result of the exposure of their details as noted above, in accordance with the instructions of the Debit Card Law. In any case, the Banking Supervision Department recommends that customers examine the charges on their credit card statement or at the websites of the credit card companies in order to identify transactions that they did not conduct. Any problem should be reported to the credit card companies as soon as possible.

Your real exposure
If your credit card details were stolen and published, you still have a secondary, perhaps more significant risk.  Along with your credit card details, your full name, address, telephone number, email address, and password have been exposed.  If you’re like most people, you reuse the same email address and password at multiple sites, even reusing the password you use to access your bank account online.

Right now, you need to go one by one to the sites you access online – including your bank, brokerage, email, and social network providers – and select unique passwords for each.  If by hacking into one internet site someone finds out your default email address / password combination, they can potentially access your whole online world and wreak much more havoc than putting a few fraudulent charges on a credit card.


Stay safe online!

Leave a Reply

Your email address will not be published. Required fields are marked *