Contact tracing data compromised on an unprotected server by NSO Group

According to TechCrunch, a security researcher has discovered unprotected, and without a password, data related to contact-tracing systems developed by NSO Group. This company based in Israel is known for selling surveillance and hacking tools, and is currently leading one of Israel’s contact-tracing projects. The data contained approximately six weeks of location data, from March 10 to April 23, including dates, times and the location of individuals who may have come into contact with a potentially infected person. The data also included the duration of social encounters to help score the likelihood of a transmitted infection. According to a researcher from the Toronto-based Citizen Lab, “NSO’s case is the precedent that proves the problem: rushed COVID-19 tracking efforts will imperil our privacy and online safety,”