Investigators from the Justice Ministry announced on Monday that they have
cracked a massive information theft case, in which a former employee of the
Ministry of Social Affairs and Social Services stole and copied the personal
details of over nine million Israelis, and sold the data to a private
The theft included the publication of detailed personal
information on the millions of victims, including many minors, deceased persons
and citizens living abroad. The information, which is accurate as of 2006,
includes full names, ID numbers, addresses, dates of birth, family status, names
of siblings and other information. It also includes an extensive search engine
and allows the user to determine all of the extended family relations of any
Israeli in the database.
Biometric ID database to be launched in November
Biometric passports – how will spies cope?
The database could also represent a serious
security threat in that it affords anyone who accesses it online the ability to
look at the place of residence and next of kin of all types of people in the
political and military echelon, whose personal data is otherwise
At the moment there are six suspects involved, and the Tel
Aviv Magistrate’s Court has placed a travel ban on all six, barring them from
leaving the country.
The theft took place in 2006, when a contract worker
hired by the Ministry of Social Affairs and Social Services made a copy of the
database after taking it home from work. The employee, who was responsible for
safeguarding the database, is then believed to have given a copy to a friend of
his, who later passed it to a classmate from his Jerusalem yeshiva.
classmate allegedly sold the data to a businessman who collects personaldata
databases for a rather nominal fee of a few thousand shekels. The businessman
who bought the data then allegedly gave it to a programmer who built a program
called “Agron 2006,” that included all of the stolen material.
thereafter, a different computer technician crossed paths with the database, and
according to the Justice Ministry, uploaded it to the Internet, where it could
be accessed in its entirety by anyone in the world.
The technician then
allegedly launched a website with a step-by-step guide on how to download a copy
of the database and how to use it. The technician, who operated under the name
“aRi,” also found ways to mask the IP address of the computers he used and cover
his tracks at nearly every turn, the ministry said.
In 2009, following a
police investigation that yielded no results, the Law, Information and
Technology Authority of the Justice Ministry began probing the case. Over the
course of the investigation they compiled mountains of evidence from hard
drives, hard discs and cloud-computing storage.
investigation compiled six terabytes of data, roughly 6,000
Investigators said they were particularly dismayed by the
discovery that the former employee had a copy of the Ministry’s adoption
database for the Jerusalem and Tel Aviv area. The database is considered one of
the most sensitive in the country, and includes specific information on the
parents of adopted children.
Investigators said they have found no
evidence that the document was leaked. The investigation also reportedly turned
up data related to national security, as well as voter-registration
According to a statement by the Justice Ministry on Monday, the
uploading of the database “will make it easier to carry out forgery and fraud,
and provide the necessary information to carry out identity theft. It helps
create fraudulent documents that appear authentic, therefore allowing people to
bypass security systems. It could also have an effect on the democratic
processes in elections, in that it makes it easier for someone to impersonate
someone else in the voting booth.”
Following the Justice Ministry’s
announcement regarding the population database leak, and ahead of Interior
Ministry plans to pilot a biometric database next month, civil rights lawyers
warned on Monday of “irreversible damage” should biometric data be
Leaked biometric data, including fingerprints, could greatly
increase the risk of identity theft, according to civil rights lawyer Avner
Pinchuk, head of the Association for Civil Rights in Israel’s Privacy and
“The leak of the population database is a warning to
all citizens of Israel not to give their fingerprints to those who don’t know
how to secure sensitive personal data,” said Pinchuk.
Pinchuk noted that
the Interior Ministry admitted recently that any biometric data leakage could
cause “irreparable damage” to citizens, while assuring the public it is capable
of securing its planned biometric database.
“The ministry is conducting a
misleading campaign to promote its biometric database pilot and for years has
refrained from issuing quality ID cards that are impossible to fake so that it
could ‘sell’ the public on the idea of a biometric database,” said Pinchuk. “But
this database will only serve to greatly increase the risk of identity theft,
just as experts have warned.”
Speaking to The Jerusalem Post
York on Monday, CEO of the IT firm Green Armor Solutions Joseph Steinberg said
that the theft should encourage efforts to create more stringent means of
“One of the things I’ve been arguing for a long time is
that any information that’s public, or not difficult for the public to obtain,
shouldn’t be used to authenticate anyone,” said Steinberg. “The government is
going to have to come up with more stringent means to prove someone’s identity.
Having just your date of birth or ID number won’t be sufficient [in Israel]
because now it’s common knowledge that anyone has access to this.”