Every time a foreigner comes to the United States, their biometric data–fingerprints and photographs–are processed into a massive database called US-VISIT. The service prevents identity fraud and helps find criminals, and countries all over the world have adopted similar systems. Now Israel’s has been hacked, leading to the leak of personal information of nearly every single citizen there (even some dead ones) onto the Internet.

Authorities in the Middle Eastern country announced the arrest on Monday of a suspect responsible for the massive data theft. He’s a contract worker at the Israeli Welfare Ministry who was allegedly engaged in small-scale white collar crimes after-hours and who is accused of stealing Israel’s primary national biometric database in 2006. He had access to the database, which is part of the country’s population registry, through his office.

The stolen database contained the name, date of birth, national identification number, and family members of 9 million Israelis, living and dead. More alarmingly, the database contained information on the birth parents of hundreds of thousands of adopted Israelis–including children–and detailed health information on individual citizens.

Shortly after being fired from his job for unrelated offenses, the unnamed suspect began passing the database around to members of Israel’s surprisingly numerous Hasidic Jewish criminal underworld. According to the ultra-Orthodox Jewish Yeshiva World News, the stolen biometric database was passed around by six separate suspects, who made copies of the records in exchange for cash.

Identity theft and petty Internet crimes being what they are, the stolen biometric information quickly made its way online. One of the secondary suspects uploaded the whole of Israel’s biometric records database to the Internet under the name “Agron 2006.” A quick Google search reveals numerous torrents and uploaded copies of the database easily available for download.

According to Yoram Cohen of the Israeli Justice Ministry, “Any person who handles personal information and any citizen should lose sleep over the chain of information from the now exposed theft of the Population Registry information.”