Haaretz: Highly classified army data leaked via Google

Sources said that secret documents belonging to the occupation army were leaked online, and it took a full six days to close the security vulnerability, despite the information being classified as life-threatening by military censorship.

According to sources, the full names of air force pilots of the occupation army involved in an airstrike on the city of Jenin in the West Bank were revealed, in addition to a detailed map of an occupation army detention facility, and information about the occupation's electronic systems targeting Iran, all within military documents stored insecurely in a public online folder belonging to the occupation army spokesperson's unit, easily accessible via a simple Google search.

It explained that some files were stored in an open folder without any authentication, and Google indexed a number of them, making them available to anyone with basic technical knowledge.

The number of files stored on the server reached 2590 PDF files, some of which contained sensitive and confidential information, including the full names of officers and soldiers in active, reserve, and professional service, who were supposed to be referred to only by their first initial.

The leaked materials also included the full names of air force pilots participating in the Jenin raid, internal reports issued by the occupation army spokesperson's unit, and information about various bases and facilities, without any redaction or censorship.

Sources reported that the documents were issued by the occupation army spokesperson's unit through a backup and distribution system belonging to a commercial company that also provides its services to private sector clients, and the system allows documents to be shared via links.

In recent years, the unit has used these links to distribute data and documents to journalists, in addition to storing some documents and distributing others after redacting sensitive names.

However, the problem, according to sources, was that everything uploaded to the system became publicly available, as employees of the occupation army spokesperson's unit did not realize that every document generated an easily guessable public link, including secret documents that the occupation army never intended to publish.

Sources described the failure as twofold: a misunderstanding of the consequences of uploading documents, and their easy discovery due to not being protected or stored with complex names.

Sources indicated that the documents were stored on a server using a commercial domain without encryption, some of which were available via Google, while others could be extracted using simple tools and software, with no restrictions on access attempts or blocking from hostile countries, allowing anyone anywhere in the world to download the documents without technical expertise.

Sources indicated that researcher Or Fialkov, specializing in occupation wars, was the one who informed them of the breach after a warning from one of his followers on the X platform, user EcoTerrorist101, who discovered the leak via a Google search and was able to obtain the documents by simple means.

Fialkov said that the documents included the full names of senior officers and air force pilots, identities usually concealed for their protection, warning of the possibility of this information being exploited by "Israel's bitterest enemies," including Iran, and the potential for harm or kidnapping attempts abroad.

Sources confirmed that they only publish reports on security breaches after the vulnerability has been closed or sensitive information removed, but what happened in this case was exceptional, as the closure of the breach was delayed despite repeated warnings.

After issuing a public appeal for help without details, sources received a call from military censorship demanding the immediate deletion of the appeal as life-threatening information.

Ultimately, a meeting was held with cybersecurity officials in the occupation army and representatives of its spokesperson's unit, during which the difficulty of closing the system was explained, as it is a civilian platform.

Sources stated that the technical solution was simple and only required a few lines of code on a Microsoft server, but the army was unable to implement it for several days, despite the involvement of multiple units, including the Mamram unit specializing in computing.

Six days after the initial report, the breach was finally closed, which sources described as unacceptable slowness from a sensitive and technologically advanced institution like the occupation army, noting that this is not the first time a similar leak has been discovered from the army spokesperson's unit.