The medical records of Israeli officials are among data reportedly leaked online after an insurance firm was hacked, but refused to cede to the cyber-attackers’ demands to hand over nearly $1 million ransom in Bitcoin.

Israeli insurer Shirbit, which was hacked on Tuesday, rejected requests from the Black Shadow group, which threatened to sell the firm’s data online unless it received a payment of 50 bitcoin ($950,000) within 24 hours.

Newly released hacked data on Friday reportedly included the medical records of Shirbit customers, including Israeli officials, as well as scans of ID cards and drivers’ licenses.

A Telegram message from Black Shadow on Friday said that Shirbit had refused to pay the ransom. The company also confirmed its rejection of the demand, saying it would “not give in” to threats. According to Israeli media, Black Shadow warned that it still had tens of terabytes of information to leak, and also released screenshots purporting to show that it had been negotiating with a member of staff at Shirbit. 

An investigation into the cyber-attack has been launched by Israel’s National Cyber Directorate and the Capital Market Authority, while the company said it is working with the “best cyber experts” and government officials over the hack. 

“Shirbit is working, and will continue to work, to reach the best solution with minimum damage to its customers,” the company said in a statement about the hack. 

The insurer also said the security experts it consulted had concluded that the attack was the work of ideologically motivated “hactivists,” who were more interested in creating “cyber-terror” than in the potential financial gain of ransoms or selling stolen data. 

Think your friends would be interested? Share this story!