Recently, hackers from Iran broke into a number of major Israeli vacation booking websites, and as a result, they were able to access the personal information of more than 300,000 Israelis.
The incident occurred approximately fourteen days ago, and the Privacy Protection Authority in Israel announced it on a Thursday evening.
Websites owned by Gol Tours LTD, a travel agency that operates over 20 different trip booking websites, were compromised as a result of the attack.
The Privacy Protection Authority claimed that it had promptly contacted the owner of Gol Tours LTD following the incident in an effort to rectify the security holes that the hackers had taken advantage of; however, it was met with a reluctance to cooperate from the owner of Gol Tours LTD.
The authority stated that “the required improvements were not made” and that it has begun an investigation into the incident. The authority also noted that it had initiated an investigation into the incident.
According to a report that was shown on Channel 12 news, the authority has also asserted that the proprietor of Gol Tours LTD refused to address the security breaches because doing so would have resulted in financial loss for him.
According to the report, the company’s owner also disregarded instructions given to them by Israel’s National Cyber Directorate in the wake of the hack. These instructions were intended to assist the company in improving its security and preventing additional information from being leaked to hackers.
On Thursday, Israeli authority officers carried out a raid on the headquarters of the company and took possession of its servers pending the outcome of the investigation. This action is unique in Israel.
The Privacy Protection Authority issued a statement in which it said, “In any case of failing to immediately report a serious security breach and not cooperating according to the guidelines, the authority will take decisive action to protect the personal information of the public, including effectively halting the company’s operations.” This was said in reference to a scenario in which the company failed to immediately report a serious security breach and also failed to cooperate according to the guidelines.
The regulatory body expressed the hope that the unprecedented action it had taken in this instance would serve as a deterrent to other website owners who, in the future, might think twice before disclosing a breach in website security.
In his response to the allegations, the proprietor of Gol Tours LTD categorically denied the allegations and stated that the authority had treated him in a manner that was even more offensive than anything the Iranian hackers had ever done.
The event takes place just a few weeks after the Israeli government instructed Israeli communications companies to strengthen their cybersecurity as part of a new initiative to protect the country from online attacks in response to an increase in hacks targeting Israeli websites.
The reform mandates that Israel’s major telecommunications providers put in place comprehensive plans for detecting and thwarting future cyberattacks directed at communication networks. This obligation was placed on the providers as a result of the legislation. Now, corporations are going to have to comply with standardized standards.
In recent years, Israel has reportedly been under attack from an unknown number of Iranian cyberattacks.
During the course of the previous year, the Hillel Yaffe Medical Center in Hadera was the victim of a ransomware outbreak that rendered its whole computer network inoperable.
Iranian hackers targeted a number of Israeli websites in the year 2020 as part of Iran’s Quds Day celebrations. These websites featured a video depicting Israeli cities being bombarded and statements threatening the Jewish state’s destruction.