Data of Thousands of “Israeli” Forces Leaked

By Staff, Agencies

Haaretz reported on Wednesday a major security breach on an external "Israeli" ticketing platform, TickChak, exposed the personal data of tens of thousands of "Israeli" occupation forces, including senior figures like Chief of Staff Eyal Zamir.

The compromised data included full names, ID numbers, and phone numbers. TickChak, used by military units to provide recreational perks, had a glaring vulnerability: anyone with access to an ID number could view a soldier’s private information without any further verification.

The breach was executed using basic software tools created by a user calling themselves the “Persian Prince". The attacker reportedly ran a program that generated and tested ID numbers to extract associated personal data.

The platform failed to implement key protections like automated security blocks or geographic restrictions, allowing unrestricted access—even from what the paper described as a “hostile state".

The leak is seen as a significant security lapse, with Haaretz noting that it included information about active-duty personnel and the “Israeli” army’s top commander. The exposed data could potentially be used by adversaries to monitor, track, or target "Israeli" forces.

In response, the "Israeli” army stated that “the glitch was immediately addressed, the incident was investigated, and lessons were learned.”

TickChak defended the platform’s safety, asserting that it meets “international standards,” but admitted that “the simple login system was used at the customer’s request, instead of two-step verification.”

The company claimed that it has since enhanced its security measures.