A security breach on an external Israeli ticketing website led to sensitive data belonging to soldiers in the Israeli occupation army, including Chief of Staff Eyal Zamir and high-ranking officers, being made available online, Haaretz reported yesterday.
According to the report, the breach allowed access to personal information, including their full names, ID numbers and phone numbers, through the TickChak website, which is used by army units to offer recreational benefits to their employees.
The breach, coupled with the weak security of the website, allows anyone to access soldiers’ data simply by entering their ID number, without going through any additional verification. This allowed for the extraction and collection of personal information belonging to tens of thousands of soldiers.
The breach occurred using simple software tools created by an anonymous user identifying themselves as the “Persian Prince”. The user was able to run a programme that tested potential ID numbers and extracted the details of their owners.
Hellbound and Down 