Israel’s Likud Party is being accused of causing one of the most serious data breaches in Israeli history and of gross violations of Israeli privacy laws following the exposure on the Internet of the private information of all 6,454,254 registered Israeli voters.
The leak itself is being blamed on Elector, an application used by Likud, the Shas and Yisrael Beiteinu parties, as well as by some parties abroad, to manage their election campaigns. As first reported by Israeli investigative website Seventh Eye, which focuses on the media industry, the Elector app’s webpage was improperly coded, granting administrator access to the databases stored by the application.
According to a petition filed last week, the Likud Party had created a database of all registered Israeli voters, using its access to the official Central Elections Committee (CEC) voter registry, and then shared that database with its supporters via the Elector app.
Included in the database was not only the voter-registry information—ID numbers, full names and home addresses—of almost 6.5 million eligible Israeli voters, but also much more detailed information on tens of thousands of Likud supporters that volunteers had collected over the past month, which they added to the database, according to Calcalist.
All Israeli parties are entitled to and provided with access to the CEC data prior to elections. However, a stipulation demands that they protect the information, refrain from sharing it with third parties and erase it all after elections are over. The petition against the Likud argues that it broke the law by sharing the voter registry data with Elector.
The Elector website was fixed shortly the leak was discovered. It is unknown how many people might have gained access to the exposed data.
On Monday, the Israeli Justice Ministry’s Privacy Protection Authority (PPA) said it was investigating the incident just a day after CEC head Supreme Court Justice Neal Hendel ordered Likud, Shas, Feed-b (the company behind Elector), Attorney General Avichai Mandelblit and the PPA to respond to the petition by Wednesday.
The incident follows an additional leak in September, when the business journal The Marker reported that it had managed to access Likud’s voter database ahead of the country’s Sept. 17 election.
