Iranian hackers had attacked a number of Israeli travel booking websites and managed to obtain the personal information of over 300,000 Israelis, Israel’s Privacy Protection Authority confirmed on June 30.
The cyber-attack, which took place two weeks earlier, targeted websites operated by Gol Tours LTD, a tourist company that owns more than 20 travel booking websites. The affected websites include: hotel4u.co.il, booking-hotels.co.il, booking-kibbutz.co.il, mlonot.co.il, noapass.co.il, gol.co.il, funtoursisrael.co.il, ortal.net, come2israel.co.il and come2israel.com.
The information leaked by the Iranian hackers included telephone numbers, addresses, dates and locations of booked vacations and sensitive medical information.
In a statement, the Privacy Protection Authority said that it had immediately contacted the owner of Gol Tours LTD following the cyber-attack, in an effort to address the security flaws that the hackers took advantage of. However, he refused to cooperate.
The owner ignored instructions provided by Israel’s National Cyber Directorate following the attack, meant to help the company improve its security and avoid additional information being leaked to the hackers. The owner didn’t reportedly cooperate because it would have cost him money to do so.
Officials from the Privacy Protection Authority raided the offices of Gol Tours LTD and seized its servers until the investigation is complete.
(The report appeared in South Front)