Israel’s National Cyber Directorate is throwing cold water on the hacker’s story.
By Lauren Marcus, World Israel News
A hacker who claims to have infiltrated the internal information systems of a platform used by Israeli municipalities is declaring victory on the web, saying that he has stolen identifying documents belonging to “7 million Israeli citizens.”
But Israeli authorities, including the National Cyber Directorate, say that the hacker’s statements appear to be a baseless brag, not grounded in reality.
On the eve of the Jewish New Year Holiday on Tuesday, a hacker using the name “sangkancil” announced that he had hacked into the City4U platform, which Israelis use to pay taxes and water bills to municipalities, and obtained identifying documents of much of Israel’s adult population.
“I was able to gain access to the sensitive data of Israeli municipalities,” the hacker wrote on Telegram.
“Details of the properties and identities of more than 90 percent of Israeli citizens have been posted on forums for sale,” the alleged hacker wrote, alongside photos of Israeli ID cards and lists of names.
Sangkancil offered users on a dark web forum the opportunity to buy the information in exchange for Bitcoin.
Israel’s National Cyber Directorate and City4U, however, are throwing cold water on the hacker’s story.
As of press time, Sangkancil has not posted any new documents or information that wasn’t released in previous hacks, suggesting that the revelation of the alleged massive hack may amount to nothing more than hype.
“The information published so far by [Sangkancil] seems outdated and may be recycled information,” Dr. Harel Manshari, one of the founders of the Shin Bet’s security directorate and head of the cyber unit at the Holon Institute of Technology, told Walla News.
“Tests conducted so far have not detected any infiltration of the system. City4U holds data of a few hundred thousand Israelis at most, and not in the order of magnitude mentioned by the attacker in his announcement,” said a statement from City4U’s parent organization, the New Automation Company.
Also adding suspicion to the hacker’s version of events is the sale price for the data. One Bitcoin, which Sangkancil said he would accept as payment, is equivalent to roughly $46,000.
That would be an incredibly low price for critical information on 7 million Israelis.
Authorities believe Sangkancil is likely Malaysian, as the moniker appears to be adopted from a fictional character popular in regional fables.
Malaysia has a long history of public figures making unabashedly anti-Semitic statements and expressing hostility towards Israel.
Former Malaysian Prime Minister Mahathir Mohamad caused a stir on Twitter in 2020 after writing that Muslims have the “right to be angry and kill millions of people.”
He was justifying the murder of a priest in France at the hands of a Muslim assailant, who was motivated by a local civics teacher displaying a caricature of the prophet Mohammed.
In a speech at Columbia University in 2019, Mohamad said critics who pointed out his anti-Semitism or asked him to tone down his incendiary rhetoric were part of a Jewish conspiracy impinging on his right to free speech.
In Malaysia, there is no free speech. Insulting Islam is a crime that is punishable under some of the world’s strictest blasphemy laws.