This site uses cookies to ensure the best viewing experience for our readers. Read more about it Got it

Check Point Finds Security Breaches in Israeli Political Party Apps

Researchers at veteran cybersecurity company Check Point found that an app by Israel’s Labor party extracts the contact lists of its users without their knowledge, uploading them to an external server

Tzally Greenberg 17:4728.03.19
Researchers at veteran cybersecurity company Check Point Software Technologies Ltd. detected security breaches in the mobile applications of Israeli Prime Minister Benjamin Netanyahu’s ruling Likud party and Israel’s Labor party. Check Point detailed the breaches in a report released Wednesday.

 

For daily updates, subscribe to our newsletter by clicking here .

 

According to the report, the Labor party’s app extracts the contact lists of its users without their knowledge, uploading the data to an external server. Users’ contacts are analyzed based on their titles and nicknames in an attempt to determine the nature of the relationship and degree of separation. The goal, according to the report, is to locate and reach potential voters, and information including names, phone numbers, and email addresses are sent to the party's database.

 

Likud event. Photo: Yair Sagi Likud event. Photo: Yair Sagi

 

 

A spokesperson for the Labor party responded to Calcalist’s request for comment by saying that the app cannot access a user’s contact list without consent. The mapping of the contact lists is done to improve user experience and the data is not kept, the spokesperson said.

 

Check Point’s researchers also found “several vulnerabilities” in the Likud party’s mobile app. According to the report, users’ details—including residential addresses, email addresses, telephone numbers, and marital status—were found to be susceptible to hacking. While the app’s management interface requires identification of a user name and password, the report said, the data is “accessible to the internet and exposed to cyber attacks."

 

According to the company, more than 119,000 Likud party members had their personal details exposed to theft.

 

 

A spokesperson for the Likud party responded to Calcalist’s request for comment by saying the party "dealt with the breach immediately, personal information was not leaked and no damage was caused."

 

 Founded in 1993, Tel Aviv-based, Nasdaq-listed Check Point develops firewall services for companies and governments, touting over 100,000 organizations currently using its products, according to company statements.

Cancel Send
    To all comments