Hackers demand $1 million to stop leak of private user info from Israeli LGBT+ dating site

Atraf data leak

Private user information from an Israeli LGBT+ dating site has been leaked online by hackers, who are threatening to release more data unless they receive a $1 million ransom.

Geo-located dating service Atraf was among dozens of sites hit by the Black Shadow hacking group on Friday evening (29 October) after a break in at the servers of Israeli internet hosting company Cyberserve.

The following day the group dumped tens of thousands of online records from the sites it penetrated, including 1,000 user profiles from Atraf. The information includes names and locations of users as well as the HIV status of some.

The situation escalated on Sunday (31 October) as Black Shadow claimed on Telegram that neither government officials nor Cyberserve had met their demands, and threatened to leak the rest of the information from Atraf’s database unless they were paid within 48 hours.

In a statement to Walla, the Israel AIDS Task Force said it was deeply concerned.

“The thought that a person’s HIV status will be revealed against his will bothers us greatly. For many this is sensitive information, and its very exposure, not through choice, is worrying,” the group said.

Several closeted users have expressed concern that their sexuality or gender identity could be publicly outed.

One anonymous person told Walla: “Ever since I heard about this break-in I can’t help but think about it, I have intimate pictures and sexual correspondence there that if they reach my family or my environment they can destroy me.

“I browse the site and buy the party tickets from there as well, and beyond the annoying part of the closet it’s also my credit details and information like ID and more, it’s just scary.”

“I’m just shaking with fear,” another unnamed user told Ynet, as reported byTimes of Israel. “I’m a gay man in the closet, use the app quite a bit and have personal photos there… I don’t know what to do or who to turn.”

Both Atraf and Cyberserve confirmed reports that it had been hacked. Cyberserve said it was working with the Israel National Cyber Directorate to “put an end to the incident in the best way possible”.

Black Shadow has now opened up the ransom to members of the public saying that “anyone” could pay, but Yoram Hacohen, CEO of the Israel Internet Association, said “under no circumstances” should their demands be met.

“There is no guarantee that the information will not be leaked after the ransom is paid,” he said. “Worse yet, such surrender will lead to further attacks, due to what they will perceive as an achievement.

“Moreover, if private users receive ransom demands, they must immediately alert the police and not take any action beyond that. What has to be done now is to increase online safety and privacy regulations, and provide support – physical and mental – to the people whose information has been leaked.”

Those affected by the leak can contact The Agudah’s LGBT+ hotline between 5pm and 7pm and 7.30pm and 10.30 pm, Sunday to Thursday. Just call 2982 or WhatsApp at 058-620-5591.