Skip To Content
JEWISH. INDEPENDENT. NONPROFIT.
Fast Forward

Security Flaw In Israeli Propaganda App Exposed User Data

An app designed to help users spread pro-Israel messages on social media contained a security flaw that exposed the email addresses of its users, The Intercept reported Friday.

Act.il was developed by three pro-Israel groups that receive funding from Las Vegas billionaire Sheldon Adelson. It has been a pet obsession of Israeli Minister of Strategic Affairs Gilad Erdan.

Act.il is essentially a social media app with a video game-like experience: users earn points for completing “missions.” These missions can include reporting the presence of anti-Semitic imagery on Facebook, posting about Israeli military cooperation with other Western militaries and pointing out news and commentary perceived as anti-Israel.

“I was shocked to find that email addresses for users were being shared across the Internet whenever a search is performed,” an anonymous security researcher told The Intercept.

The researcher reported that anyone with rudimentary knowledge of computer code could obtain a log of the email addresses of all the app’s users. The Intercept informed the app’s developer, Rallyware, of the security flaw. Rallyware later fixed the issue.

Contact Ari Feldman at [email protected] or on Twitter @aefeldman.

Republish This Story

Please read before republishing

We’re happy to make this story available to republish for free, unless it originated with JTA, Haaretz or another publication (as indicated on the article) and as long as you follow our guidelines. You must credit the Forward, retain our pixel and preserve our canonical link in Google search.  See our full guidelines for more information, and this guide for detail about canonical URLs.

To republish, copy the HTML by clicking on the yellow button to the right; it includes our tracking pixel, all paragraph styles and hyperlinks, the author byline and credit to the Forward. It does not include images; to avoid copyright violations, you must add them manually, following our guidelines. Please email us at [email protected], subject line “republish,” with any questions or to let us know what stories you’re picking up.

We don't support Internet Explorer

Please use Chrome, Safari, Firefox, or Edge to view this site.