Cyber Incident Victim: Kiryat Ono

On October 9, 2023, a hacker group claiming Jordanian affiliation breached the systems of Ono Academic College near Kiryat Ono, a city adjacent to Tel Aviv. The attackers exfiltrated approximately 250,000 records containing personal information of employees, current students, and former students. They subsequently published this data on Telegram channels. The college confirmed the breach after cybersecurity experts investigated the incident, forcing administrators to take all IT systems offline to contain the compromise. In an official statement, the institution acknowledged coordination with Israel’s National Cyber Directorate and the Privacy Protection Authority while estimating full system restoration would require several days. Check Point Software Technologies’ Chief of Staff Gil Messing characterized this as the most significant cyberattack during the early phase of the Israel-Hamas conflict, noting its scale relative to other incidents.

Three days later on October 12, hackers compromised two digital billboards operated by CTV Media Israel in the Tel Aviv area. The intrusion occurred when the company temporarily opened its network for maintenance, allowing attackers to replace commercial content with pro-Hamas imagery for several minutes. The unauthorized footage displayed the Israeli flag under fire alongside scenes from Gaza, described by Messing as "anti-Israeli" propaganda. CTV Media CEO Eilon Rosman confirmed the brief network exposure enabled the breach. Check Point observed this incident as part of a broader pattern of low-complexity attacks during the conflict, including website defacements and short-duration DDoS campaigns. While over 40 groups publicly threatened critical infrastructure attacks—including one Telegram message targeting Israel’s Mekorot water utility—most activity focused on psychological disruption rather than destructive payloads. The college data breach remained the most severe confirmed operational impact at the time of reporting.