At a glance.
- Israeli voter database compromised.
- Solairus Aviation discloses data breach.
- Japan shies away from Line.
- Lifestyle retailer discloses a breach and asks those affected to keep it quiet.
Shortly before elections, an Israeli voter database was compromised.
In what appears to have been an extortion attempt against the company that maintains the database, Elector Software Ltd., personal data on some 6.2 million Israeli voters were released shortly before this week's elections, Calcalist reports. Some of the data, which includes "residential addresses, phone numbers, and dates of birth of the registered voters," seems to have been taken from another breach that occurred last year. But there are some data that include full names and assigned voting locations, and that exposure suggests that the database was updated for the current election cycle.
The Times of Israel says a group styling itself "the Israeli Autumn" claimed responsibility for the breach. Elector is described as a "voter promotion" system, that is, an aid in get-out-the-vote campaigns. It's associated to a large extent, albeit not exclusively, with the Likud party, and that association has been controversial, with critics complaining last year that Likud had improperly shared data with third parties.
While the incident appears to be motivated by a blackmail attempt, there's been some speculation, the Record reports, that the goal may have been to embarrass Likud to the detriment of its electoral chances. As the votes are counted, Likud is in the lead, but seems likely to have to govern in a coalition, according to the Guardian.
Solairus Aviation discloses data breach.
Solairus Aviation, a private jet charter operator headquartered in Petaluma, California, has disclosed that it suffered a data breach. It's a third-party incident, deriving from an intrusion into Avianis's Microsoft Azure cloud platform; Avianis hosts Solairus's flight scheduling and tracking system. SecurityWeek reports that both employee and customer data were exposed.
Japan goes off Line.
The Mainichi reports that the free messaging app Line has fallen out of favor with Japanese government and corporate users after Line was determined to have shared user personal information with an affiliated Chinese company. Line had come into wide use. It was not only free, but it was generally regarded as easy to use and accessible, and so came to be relied on for much public communication. Some government agencies have reverted to email as an alternative.
Fat Face would like you to know your data were compromised. (But keep it just between us.)
Fat Face, a British retailer specializing in "lifestyle" clothing and accessories, disclosed to some customers at least that a hacker had compromised the store, "stealing customers’ names, email and postal address, and the last four digits of their credit card." TechCrunch adds that Fat Face told customers, in its emailed notification, to “keep this email and the information included within it strictly private and confidential.” The crisis communication firm Fat Face retained explains this as a request that's appropriate to the sensitivity of the material under discussion. That may well be true, although the ask seems clumsily (and ironically) expressed. It would also amount, TechCrunch says, to an "unenforceable request."