Election campaign site run by Likud (the ruling political party of Israeli Prime Minister Benjamin Netanyahu) inadvertently revealed personal information about all of the 6.5 million Israeli voters on the Internet, just three weeks before the country's legislative elections.
All political parties in Israel receive personal details of voters before the elections, which they cannot share with any third party, and are responsible for protecting the privacy of their citizens and erasing them after the elections are over.
Reports indicate that the Likud party fully shared voter data with Feed-b, a software development company, which they then uploaded to a website (elector.co.il) designed to promote the voting management application under the name of "Elector". (Elector).
According to Ran-Bar-Zec, a Web Security researcher who revealed the problem - voter data was not leaked using any security vulnerabilities in the application, but the accident occurred due to negligence by the software company that leaked the username and password for the data management account through a point Unprotected end, which is listed in the public source code on its Internet home page.
And the Israeli media stated that "anyone who visits the Elector site on a browser like Chrome from Google can right-click on the page and select View Page Source." The source code shown on the site contains a link to the (get-admins-users) page, which the potential hacker simply had to visit in order to easily find the passwords of users (admins) who have a license to manage the database.
The open database includes the full names, ID numbers, addresses, and gender of 6,453,254 voters in Israel, as well as phone numbers, father's name, mother's name, and other personal details of some of them.
Some media reports confirm that the software company has now addressed the problem, but cannot guarantee the number of people who have since been able to download the voter database. The Privacy Ministry of the Justice Ministry said it was investigating the incident.