An Iranian who wanted to expose bank security flaws fled the country and proved his point, exposing 3 million bank accounts. An Iranian newspaper claims he was arrested.
The young hacker, identified as Khosrow Zarefarid, posted details of 3 million Iranian bank cards on his blog after Iranian bank executives ignored his personal letter warning of the security flaw.
The hacker was out of the country, according to a news agency in Azerbaijan, but the Iranian Hamshahrionline newspaper reported he was arrested.
Three Iranian banks have notified customers to update the PINs, and the Central Bank said that some of their customers' accounts have been blocked because of the computer breach.
Zarefarid, a computer software programmer, had been fired because of disagreements between him and his employer and was threatened by Iran’s “Cyber Army,” according to the Intelligence and Terrorism Information Center.
He subsequently fled Iran, and his arrest has not been confirmed. It was reported by a news agency in Iran, which closely supervises and sometimes operates media.
The hacking angered bank customers, and the Central Bank tried to calm the storm by stating that there was no need for customers to withdraw their money.
A bank executive claimed that one-third of the accounts that were hacked are inactive.