Hackers compromised IDF recruit files & had been selling private data to 3rd parties for years
Seven years after IDF recruits suddenly started receiving telemarketing calls en masse, Israel's judicial system has managed to track down a gang that hacked the conscription database and sold stolen private data to third parties.
A criminal enterprise, spearheaded by two civilians with the help of two IDF soldiers, managed to get access to the information systems of the Meitav unit, an Israel Securities Authority (ISA) investigation discovered, local media reports.
The information stolen included personal data on those born between 1988-1993, who were at the time preparing for military service. The hacked data included contact details, the number of children in the family and the individual’s designated role within the armed forces, the probe conducted at the request of Justice Ministry discovered.
According to the findings, the gang got the help of two insiders to access the files of thousands of incoming IDF soldiers between 2011 and 2014, which they later sold to a third party. Much of the information concerned conscripts who were under the age of 18 at the time.
The hacking went on unnoticed for years, until complaints from former servicemen about annoying telemarketing calls began to pile up as early as 2011. Frustrated complainants noted that fraudsters, pretending to be officials for the ‘Center for Discharged Soldiers’ or ‘Counseling and Guidance for Discharged Soldiers’ tried offering them a range of services and products under discounted prices.
After compiling evidence from seized hardware and interrogating the suspects, the findings of the investigation were transferred to the cyber department of the State Attorney's Office. The ISA accuses the suspects of violation of privacy, conspiracy, and bribery. Their names have not been shared with the public. It is also not clear if the suspects have been detained. The Privacy Protection Authority treats offences against minors a crime of “particular severity,” the head of the ISA’s Privacy Protection Unit noted.
READ MORE: Governments deploy ‘cyber troops’ for social media manipulation - study
“Unfortunately, we recognize that in organizations where there is supposed to be increased awareness of the importance of protecting sensitive information, there is insufficient compliance with the law in the field of protecting personal information,” Alon Bachar was quoted by local media as saying.
“When personal information is gathered from people as part of their military service, and not voluntarily, the army has a public duty to protect that privacy,” he added.
If you like this story, share it with a friend!
