A hacking group calling itself Black Shadow dumped online Tuesday what it said was the user database of Israeli LGBTQ dating site Atraf, an attack some security experts blamed on Iran.
"Enjoy! atraf's database," the group said on the messaging application Telegram, releasing a large file for download that quickly became unavailable.
The Atraf dating site is owned by CyberServe, an Israeli web development company whose clients include public transportation firms, museums and a travel company.
It released an early batch of user profiles over the weekend, and on Sunday demanded $1 million within 48 hours to prevent the wider release.
Keren Elazari, a cyber security expert and a researcher at Tel Aviv and Reichman universities, said the hack bore many similarities with previous Iran-linked attacks.
"It was the use of the same technique, the same technical tools and the behaviour, the online leak, the threat, the victim blaming, and the requirement for ransom," she said.
"We think that in this case the Iranian hackers are trying to embarrass Israeli companies and Israeli citizens."
Hila Peer, a board member of The Aguda, The Association for LGBTQ Equality in Israel, told AFP that calls to the group's hotline had doubled over the weekend as panic ensued.
She said some gay men feared what might happen if their profiles, including their passwords, contact details, HIV status and intimate pictures, were revealed.
"For some people, having this leak is life threatening," she said.
Peer said her group had worked closely with the Israeli government to ask Telegram to suppress Black Shadow.
Libi Oz, a spokeswoman for the government-funded Israel National Cyber Directorate, confirmed to AFP that her office was working with the Aguda, but gave no further details.
One particular vulnerability for CyberServe was that Atraf's passwords were not encrypted, which Elazari said was evidence of "gaping holes in their security infrastructure."
A source at Atraf's owners CyberServe said the issue of non-encrypted passwords were under investigation.
Iran and Israel have been engaged in a so-called "shadow war", including several reported attacks on Israeli and Iranian ships that the two have blamed on each other, as well as cyberattacks.