Faulty app exposes millions of Israeli voters’ data
A security breach in an app used by Israel’s ruling conservative party has exposed the personal information of nearly 6.5 million Israelis to hackers, a cybersecurity expert said Monday.
The applications is used for campaign management by the Likud party, headed by Israeli Prime Minister Benjamin Netanyahu.
News of the data breach comes just weeks before Israelis go to the polls for the third time in under a year. Netanyahu is seeking reelection for a fourth consecutive term as premier on March 2 after two elections in 2019 yielded inconclusive results.
The Likud party acknowledged that it had “thwarted an attempt” to damage a digital platform used to recruit party supporters on election day. The party did not respond to inquiries about the data breach.
The discovery is particularly embarrassing for the Likud party after it waged a smear campaign last year against Netanyahu’s main opponent, Blue and White party leader Benny Gantz, claiming the former army chief’s phone had been hacked by Iranian intelligence.
The voter roll data was exposed due to faulty security on an application the Likud Party used called Elector, which was designed by the Israeli software company Feedback.
Noam Rotem, an Israeli security researcher who first revealed the data breach on his podcast “Cyber Cyber,” said he received an anonymous tip from a hacker, which he later confirmed independently.
Rotem said that while it remained uncertain whether Israelis’ personal data had been exploited, “it is very likely to assume that we are not the only ones with access to this information.”
“It was very easy to get the data. Anyone with a regular web browser could have done it,” he told The Associated Press.
Israeli political parties receive the personal data of voters from the the Central Elections Committee ahead of elections for internal campaign purposes on condition that the data remains private.
Neither Feedback nor Elector’s app designer Tzur Yamin responded to requests for comment.