Hackers Unlock Files From 2020 Breach, Exposing Personal Info of Nearly All Israeli Voters
JNS.org – The personal information of nearly all Israeli voters was exposed online on Monday, a day before the country’s general election, financial daily Calcalist reported Tuesday.
According to the report, the leaked data, which includes registered voters’ addresses, phone numbers and dates of birth, is from a breach that took place in 2020. The data was exposed following threats made against Elector Software, which operates the voter-prompting Elector app, used by Likud and several other parties.
“Elector representatives said that the hackers concurrently sent direct messages to the company, with one of them saying, ‘You don’t have long left until information about your family is exposed too,’” the report said, adding that while the files released were encrypted, the hackers threatened to release the password unless the app was shut down.
On Monday, they made good on the threat.
According to Calcalist, the password unlocked files containing the personal information of nearly all Israeli voters, including full names, phone numbers, addresses, assigned voting stations, gender and email addresses.
The report noted that authorities have no way to prevent people from downloading the files, and it will take weeks until hosting sites can be forced to take them down.
“I deal with a product that provides a service to political parties at election time, with all the implications. I had no idea what the implications might be until I started providing the service to the Likud,” Yemin told Calcalist.
“Funnily enough, the better the app works, the more frequent the threats become. It is legitimate to oppose the way the system works and I acknowledge that it is controversial, but it is legal and provides services to customers in the US, too. This is an attempt to harm an Israeli startup,” he said.
Elector released a statement saying, “The voters’ registry is handed out hundreds of times a year to many and various organizations and there is no way to determine where the data came from. The National Cyber Directorate even conducted an intrusive inspection of our company and stated that it was opposed to having the app taken offline since it is secure.”