Day Before Election, Entirety of Israel’s Voter Data Leaked Online – Again

A database with the names and ID numbers of all the eligible voters in Israel was leaked by anonymous hackers on Monday, a year after an identical breach and a day before the country’s fourth election in less than two years.

A message from the hackers said they were motivated by the continued use of Elector, a so-called campaign-management app, by political parties.

Haaretz could not immediately confirm that the data was stolen from Elector, and it appeared that at least some of it was found elsewhere. The voter data could not be authenticated.

In February of last year, less than a month before an election, a software flaw tied to the app, at that time used by the Likud and Yisrael Beiteinu campaigns, made it possible to access the details of all eligible voters.

The hackers behind Monday’s breach wrote that they were releasing the data because “the ‘Elector’ spy tool is still active and is actively supported by those who are supposed to protect the citizens,” and accused the government of “fail[ing] to fulfill its duty for corrupt political reasons.” The top of the letter read “Elector data leak – What happens when you combine corruption with ineptitude.” The hackers signed the letter under the name “Israeli Autumn.”

Text messages sent to journalists on Monday contained links that led to the letter and two different encrypted databases, each with its own key. One was the full list of eligible voters, including the names and designated polling stations of 6.5 million Israelis, contained in a 250-megabyte spreadsheet.

The second file contains much more: Over 6 million full names, ID numbers and sometimes additional details.

Two weeks ago, Haaretz reported that data originating from Elector had been posted online at least once recently. The file, posted by an anonymous user in a comment to another article about the app, seemed to be the same one as what was leaked last year.