DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

Data breach discovered in Jerusalem Municipality website

Posted on December 26, 2020 by Dissent

The Jerusalem Post reports:

A breach granting access to documents containing the personal information of hundreds of thousands of residents was found and repaired in the Jerusalem Municipality’s website, the tech website Geektime reported on Wednesday.

The breach was discovered by Hezkiyahu Raful, a programmer, while he was trying to help his uncle file an appeal to a parking ticket. When they attempted to look at photos taken by the municipal inspector who issued the ticket, there was no download button, so Raful pressed F12 to show the source code of the page. That’s when he saw that the URL had a numerical ID at the end and found that he could access additional parking ticket files by simply changing the number.
But that wasn’t the end of the risks he found.  He reportedly
also discovered that changing numbers in the middle of the URL enabled him to access building files, tickets, tax files and “any document that the municipality publishes or receives,” said Raful to Geektime.

Read more on The Jerusalem Post.

h/t, @Chum1ng0

Related Posts:

  • Israeli mental health center in Jerusalem hit with…
  • Jerusalem College of Engineering hacked by @VenomSec
  • Iranians Hacked Security Footage of Jerusalem Bombing
  • U.S. Consulate Mistakenly Sells Secret Files in Jerusalem
  • Israeli researchers discover global cyberattack in…

Post navigation

← RU: Freedom Finance admits data leak of 16,000 clients
Koei Tecmo – Websites down due while probable cyberattack investigated →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Ransomware group ‘Black Basta’ has raked in more than $100 million -researchers
  • DFS Announces $1 Million Cybersecurity Settlement With First American Title Insurance Company
  • ID Theft Service Resold Access to USInfoSearch Data
  • Okta admits hackers accessed data on all customers during recent breach
  • Hackers breach Israel intelligence group’s website
  • Queensland passes mandatory data breach notice laws
  • A cyberattack hit thousands of people in Louisiana. They’re still in the dark months later. (1)
  • KidSecurity’s user data compromised after app failed to set password

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net