Dozens of Israeli retailers hit by cyberattack
Dozens of Israeli retailers hit by cyberattack
A cyber attack against the website hosting company Signature-IT disabled the activity of about 40 companies that operate e-commerce websites. Among Signature's clients: Keter, Osem, Strauss, as well as government bodies such as the Nature & Parks Authority and the Ministry of Health
A cyber attack against the website hosting company Signature-IT led to disruptions in the online activity of dozens of companies, including the Home Center and Kravitz chains, the National Cyber Directorate has confirmed.
The online stores of Home Center and Kravitz stopped operating over the weekend. "Unfortunately, the site is facing a cyber-terrorist attack," announced a message on the Home Center website. Visitors to the Kravitz website were told only that the website was "temporarily inactive".
According to the Cyber Directorate, the shutdown of the websites is not the result of an attack against the companies themselves but against the servers of the Signature-IT company, which provides them with online shopping solutions and website hosting services. "The attack, which caused a lot of damage to the servers, affected companies that store their website and information with this company," the organization said.
Signature-IT told the network that about 40 companies were affected as a result of the attack, most of them from the field of e-commerce. The company counts among its clients large companies such as IKEA Israel, Keter, Osem, Strauss, Kal Gav, Tnuva and Unilever, as well as government bodies such as the Nature and Parks Authority, the State Archives, the Ministry of Health and the Ministry of Labor & Welfare. However, apparently not all the companies and entities that are among the company's customers were affected by the cyber attack. As of now, the full list of entities has not yet been published.
In addition, the attackers managed to gain access to mailing lists stored on the company's servers, through which they distributed SMS messages and emails with hateful messages to thousands of Israelis. According to the company, no credit card numbers are stored on its servers.
However, other information that the companies that use Signature-IT services collect about their customers, including full names, phone numbers, email addresses, physical addresses and purchase history, may have reached the attackers and could be used by them to carry out targeted phishing attacks in the future.
As revealed in Calcalist, the Cyber Directorate is currently promoting emergency regulations, which will give it the authority to instruct storage service providers and digital service providers how to act in the event of a cyber attack on their systems. According to the Directorate, Signature-IT is the type of company to which the regulations would apply. However, it is not clear whether the Directorate had advance information about the attack and whether it could have prevented or mitigated it if it had been given the authority to give binding instructions to the company.
Signature-IT's response has not yet been received.