DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

‘Contract worker stole all Israelis’ personal information’ (updated)

Posted on October 24, 2011 by Dissent

Okay, this is not a great headline to wake up to.  The Jerusalem Post reports:

Information was used to create searchable database with sensitive information of every Israeli, living and deceased; computer technician put the database on the Internet for anyone in the world to access.

A contract worker from the Ministry of Labor and Welfare was charged with stealing the personal information of over 9 million Israelis from the Population Registry, the Justice Ministry announced Monday after a media ban was lifted.

The worker electronically copied identification numbers, full names, addresses, dates of birth, information on family connections and other information in order to sell it to a private buyer.

The information was also given to another individual who used it to design a software program called “Agron 2006”, which exploited the database to allow queries of all Israeli citizens, allowing information to be illegally sold based on various parameters. Those parameters could include familial relationships of the entire Israeli population, over several generations.

[…]

A copy of the software program, devoid of any protection mechanisms, was later obtained by a computer technician who uploaded it to the Internet. He even created a website with detailed instructions explaining how to download and use the Argon program with Israeli citizens’ personal information.

Read more on Jerusalem Post. This is not the first time we’ve seen an entire country’s information breached, but it’s still staggering and a reminder of the insider threat.

Update: More media is now covering the breach. Aviad Glickman reports that the Agron program was widely downloaded and shared and could be found in many Israeli homes.   Tomer Zorchin provides more background on the contractor and sequence of events:

According to the investigative details released on Monday, it was a former Welfare Ministry contracted employee who stole the information in 2006 from the Population Registry, which he had access to through his job.

The employee stored the database in his home and even updated it sporadically in accordance with the Interior Ministry’s updates. He was later sacked for other criminal-related reasons and passed on the information from the database to a business client, who subsequently uploaded the details onto his computer server.

Over the course of several months, the registry exchanged hands in the ultra-Orthodox community until it fell into the possession of a man named Ari, who used it extensively and uploaded it to the internet. He used internet protocol addresses based outside of the country, worked in internet cafes, and used other methods of subterfuge in order to prevent his own identity from being discovered.

At some point, the registry was sold for the paltry sum of only a few thousand shekels, and it is likely that it was used for malevolent purposes. Since the start of the investigation, Israeli agents have attempted to track down every copy of the registry and remove it from the internet.

One copy of the registry was tracked to an obsessive collector of Israeli databases, who was found to have an enormous trove of them. One of the databases that was found in his possession was a list of adopted children in Tel Aviv and Jerusalem.

Over the course of the investigation, six people were arrested, including the contractor and the man named Ari, and they were subjected to various arrest conditions.

[…]

Read more on Haaretz.com

Related posts:

  • Operation Anti Security Breakdown and targets, the full time line
  • #OpFreePalestine Leaked Credit Cards by Neon Seven, ZCompany Hacking Crew
  • Message to Danny Ayalon from 0xOmar
  • Ca: Security breach at provincial registry jeopardizes privacy rights of 25,000 personal support workers; ministry must act
Category: Breach IncidentsExposureGovernment SectorNon-U.S.Of NoteSubcontractorTheft

Post navigation

← Korean hacker awaiting deportation
SA: Worker: Hospital told boss my HIV status →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.