ILITA cracks case involving theft and online dissemination of Israel’s Population Registry; suspects arrested

ILITA (The Israeli Law, Information and Technology Authority in the Israeli Ministry of Justice), Israel’s Data Protection Authority, has cracked the case involving the theft of Israel’s Population Registry, the development of bespoke search and navigation software, and their dissemination online.

The investigation was conducted by ILITA's new Investigations and Enforcement Department, headed by Adv. Mili Bach. This was the first criminal investigation in Israel focused on illicit obtaining and disclosure of personal data.

ILITA’s investigation revealed that in 2006, an individual outsourcing service provider to the Ministry of Welfare and Social Services downloaded and stored at his home a complete electronic copy of Israel's Population Registry, which contains numerous data fields such as full name, identification number, address, date of birth, date of death, date of immigration to Israel, family ties etc. for more than 9 million Israeli citizens, including minors and the deceased.

The suspect disseminated to a third party a copy of the database, which subsequently reached a software developer who developed a program called “Agron 2006” to enable users to run complex searches and queries on the data, including navigating among family ties of the entire Israeli population. The “Agron” software was then cracked and eventually uploaded by a hacker to online peer to peer networks and disseminated worldwide. The hacker went further to create a website promoting the download and use of "Agron", while implementing sophisticated means, such as proxy servers and purging of traces on his computer, to conceal his identity and try to evade Israeli jurisdiction .

The case was investigated by the Israeli police in 2008 and closed without tracking the offender. In 2009, ILITA launched an undercover investigation focused on mapping the potential trails for data leaks and analyzing the "Agron", as well operating intelligence sources. The investigation ended with the arrest of six prime suspects, including the initial thief and the hacker.

This was one of the most intricate and complex computer offences investigation ever conducted in Israel, and the first to exclusively deal with the use and disclosure of personal data. The investigators used ILITA's Forensic Lab to collect and analyze electronic evidence on various devices, such as hard disks, CDs, and cloud computing services.

The investigation revealed further offences relating to personal data, including the theft of a copy of the Adoption Registry of the Jerusalem and Tel Aviv District. There was no evidence that this information, which is highly sensitive and contains records of adopted minors as well as their biological and adopting parents, was further disseminated.

Adv. Yoram Hacohen, the Head of ILITA: “From its establishment, ILITA sought to strengthen the protection of data privacy. This case highlights the importance of granting data protection authorities with criminal enforcement powers and of collaboration between enforcement authorities worldwide. It illustrates why data privacy and security measures must be tightened in both government and private sector entities, with a special focus on controlling the use of outsourcing service providers. Ultimately, companies and government entities must put in place measures of privacy by design, to preempt such data breaches and avoid ex post enforcement by the regulators.

A clip explaining the meaning of the theft

A clip describing the summary of events leading to the Registry's online availability