Personal information of some 9 million Israelis (alive and deceased) has been stolen by a contractor working for the country’s Ministry of Labor and Welfare with the intent of selling it to the highest bidder, reports The Jerusalem Post.
The records exfiltrated from the Population Registry contain full names, addresses, dates of birth, identification numbers and even information regarding familial relationships between the individual – information that can be misused in many different (and prevalently harmful) ways.
The thief shared the information with another individual who was contracted to design a piece of software called “Agron 2006”, which would allow specific queries based on a variety of parameters to be fed to the database, so that the resulting information could be sold to a variety of interested parties.
Unfortunately, a copy of the software was obtained by a third individual and uploaded on the Internet, complete with instructions on how to use it to get the wanted information.
According to The Jerusalem Post, this third person – a computer technician – took precautions to hide his own identity such as using different computers to upload and access the information and the software, deleting traces of his activity from them and hiding his IP address while doing all of this. But, obviously, it was not enough.
I think this incident just goes to show that no database can ever be 100 percent secure, but it must be extremely galling when your own country can’t guarantee that the information it has stored on you will be kept safe and confidential – especially when that information wasn’t volunteered but collected by default.