Likud election app leaks personal details of 6.4 million Israelis
An election app used by Israel’s Likud party has leaked the personal information of all 6.4 million of the country's eligible voters.
The information includes the full names, identity card numbers, addresses and gender of every voter, as well as the phone numbers and other personal details of some of them, Haaretz reported.
Israeli political parties receive personal details of voters before elections and promise to protect their privacy, as well as not to reproduce the registry or provide it to a third party, and to permanently erase all the information once the election has finished.
The registry was uploaded to Likud's Elector app ahead of the country's upcoming election on 2 March.
Last week, Prime Minister Benjamin Netanyahu called on Likud supporters to download the application in order to help draft more supporters and voters.
It was unclear whether any cyber-criminals or nation state hackers managed to take advantage of the leak before the security issue was addressed.
The leak was discovered and detailed by Ran Bar-Zik, an Israeli-born frontend developer for Verizon media, according to technology news site ZDNet, which reported Bar-Zik found the leak while performing a security audit of the app.
The researcher decided to look deeper into the workings of the software after users reported that they had been registered for SMS-delivered news from the app without ever providing their consent.
The firm that developed the application, Feed-b, said that the vulnerability was a “one-off incident that was immediately dealt with," and that security measures have since been increased.
A similar leak happened in 2006 when an interior ministry employee stole the population registry and published it illegally.
Netanyahu, the leader of Likud, has boasted in the past that Israel's cyber intelligence officers have managed to help allies foil numerous "terrorism" plots thanks to their expertise.