Loss of biometric data from 9 million Israelis cause for concern

Published 25 October 2011

With governments and businesses collecting an ever greater amount of biometric data from individuals, the recent theft of an entire database containing biometric data on more than nine million Israelis is serious cause for concern

With governments and businesses collecting an ever greater amount of biometric data from individuals, the recent theft of an entire database containing biometric data on more than nine million Israelis is serious cause for concern.

In the United States, every foreign visitor has their fingerprints scanned and photographs taken as part of the US-VISIT program and the FBI is in the midst of building a billion dollar biometric database that would give law enforcement officials access to more than ten million mug shots and fingerprints. Meanwhile India is creating the world’s largest biometric database with information from nearly 1 billion citizens.

In the Israeli case, the stolen database was part of the country’s primary national biometric database and contained the name, date of birth, national identification number, and family members of nine million Israelis – living and dead. In addition, the database held information on the birth parents of hundreds of thousands of adopted Israelis as well as detailed health information on citizens.

More troublingly, after the data was stolen, the database in its entirety was uploaded to the Internet where torrents of confidential details on Israeli citizens are now freely downloadable.

On Monday Israeli authorities announcedthat they had finally captured the suspect, a former contract worker at the Israeli Welfare Ministry who used his access to steal the data in 2006.

Prior to the theft, the suspect had been involved in several small-scale white collar crimes and ultimately sold information from the database to members of the criminal underworld.

In a stern warning, Yoram Cohen of the Israeli Justice Ministry said, “Any person who handles personal information and any citizen should lose sleep over the chain of information from the now exposed theft of the Population Registry information.”

With biometric databases increasingly becoming the norm for governments, hackers, criminals, and other malicious actors will have many opportunities to strike, making database security an even more critical function to ensure the protection of an individual’s privacy.