Security Breach Exposes Travel Plans of Israeli Prime Minister, Senior Security Agents
CTech – Information about the international travel plans of the Israeli prime minister, other high-ranking Israeli diplomats, and senior agents of the country’s security agencies was leaked following a recent security breach, according to one person who spoke to Calcalist on condition of anonymity. That person identified himself as the hacker who discovered the breach, which compromised the database of alp.co.il, an online platform used by Israeli travel agents to book flights and hotels and submit visa applications.
Calcalist reviewed some of the leaked data and consequently informed the Israeli National Cyber Directorate of the leak. The breach has since been addressed.
Alp.co.il is used by popular Israeli online travel booking services such as Gulliver.co.il, Issta.co.il, and governmental travel agency Inbal, which handles flight bookings and other travel-related services for all government employees. The system used by alp.co.il was developed by the Israeli subsidiary of Madrid-based travel technology company Amadeus IT Group SA.
The leaked database contains the personal details and email addresses of millions of Israelis. Among the compromised email addresses is the one to which the travel booking confirmation of Prime Minister Benjamin Netanyahu and his family is sent, the person said. According to him, the Netanyahu family itineraries were sent to the address firstname.lastname@example.org, Bibi being Netanyahu’s commonly used moniker. In a comment to Calcalist, the Prime Minister’s Office said they are unfamiliar with the email account.
Altogether, the database contained information on 36 million booked flights, 15 million passengers, over one million hotel bookings, and 700,000 visa applications.
In reply to Calcalist’s request for comment, a spokesperson for Amadeus’ Israeli subsidiary said that on May 20 the company learned of a failure in the security definitions of its platform used by Israeli travel agents, which allowed unauthorized access to data. The company added that its security team addressed the issue immediately and the problem was fixed.