A database allegedly containing COVID-19 vaccination certificates and other sensitive information is being offered for sale on the internet and via Telegram by a group believed to be Canadian. According to the claims of the perpetrators, the database contains approximately half a million records, reportedly purchased from the hacker group Anonymous. As of now, the origin of the files remains unclear, and the sellers are asking for about $1 million for the entire database. In a sample provided by the group to potential buyers, around 500 files are included, featuring screenshots of vaccination certificates.
The vaccination certificates show dates from 2021, toward the end of the pandemic. According to Erez Dasa, a cybersecurity expert and manager of the Telegram channel "Cyber News," who first publicized the database, the group identifies itself as antisemitic, though it remains unclear where the database originated.
"The information belongs to the COVID-19 period, but I don’t recall it being published before. It includes sensitive identifying details like names, ID numbers, birth dates, and information about administered vaccinations. So far, the attackers have published around 500 images, but they claim that the database contains approximately 500,000 unique files, which they are willing to sell for about $1 million ($2 per file)," Dasa said.
Get the Ynetnews app on your smartphone: Google Play: https://bit.ly/4eJ37pE | Apple App Store: https://bit.ly/3ZL7iNv
At this stage, it is unclear whether the group is driven by anti-Israel or antisemitic motives, or if their primary goal is financial profit. On their X channel, the group refers to itself as "ILleak" and claims to act with anti-Israel motives. However, activist groups typically do not sell the information they obtain, preferring instead to publicly embarrass their targets. Additionally, members of the group claim they have collected around 80 million data items from approximately 8 million Israelis, amounting to about 15 terabytes of data.
The group’s website lists additional databases they claim to have collected. These include the database stolen from the Atraf website in 2021, Facebook in the same year, the Likud election app (Elector) in 2020, and, as they claim, the vaccination card app. The most recent database was uploaded online at the end of February by Anonymous and contains a total of 543,292 files.
Unprecedented scale of cyberattacks
Since the beginning of the war, the scale of cyberattacks on Israeli targets has surged to unprecedented levels, exposing numerous security vulnerabilities in various Israeli websites, applications, platforms and communication networks. In many cases, it has been revealed that the attacks succeeded due to negligence on the part of the operators or owners when it comes to information security within their organizations.
At the same time, soldiers have uploaded extensive documentation of themselves to social media, leading to their identification by hostile entities. The result is that many organizations have used this information to try to frame soldiers for alleged crimes committed during their service in Gaza or other locations. Even databases containing personal details, photos, and private information of senior officials have leaked online following breaches of their personal smartphones.