icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
29 Dec, 2015 03:02

191 million US voter registration records leaked online – report

191 million US voter registration records leaked online – report

A security researcher has uncovered a publicly-available database containing the personal information of 191 million voters on the internet, but it isn’t clear who owns it.

Chris Vickery, who shared his findings on DataBreaches.net, disclosed the trove of voter data, which includes names, home addresses, voter IDs, phone numbers, and birth dates, as well as political affiliations and voting histories since 2000. The database does not contain financial information or Social Security numbers.

The Texas tech support specialist said that he found the database while looking for information exposed on the internet in an attempt to raise awareness of security breaches.

Vickery has since reached out to law enforcement, as well as the California attorney general’s office. The database was still online as of Monday.

“When one of their attorneys asked, ‘Well how much data are we talking about?’ and I read her the list of data fields and told her that we had access to voter records of over 17 million California voters, her response was ‘Wow,’ and she promptly forwarded the matter to the head of their e-crime division,” DataBreaches.net’s administrator wrote online.

Vickery looked up his own information in the database table covering Texas and confirmed it was all accurate, and researchers from DataBreaches.net and security website CSO did as well. Vickery also looked up several police officers in his city and confirmed that the information matched.

Steve Ragan, a security blogger at CSO, assisted in investigating the breach. He pointed out that none of the political database firms he identified that are connected with the database have claimed ownership of the IP address where the information is published.

He said that the leak is worse than a recent breach of voter data from Hillary Clinton’s campaign by a member of Bernie Sanders’ campaign, “because the data he discovered isn’t a client score – it’s a complete voter record for 191 million registered voters.”

“The problem is, no one seems to care that this database is out there and no one wants to claim ownership,” he said.

READ MORE: ‘Berniegate’: Sanders regains access to voter data, supporters furious over DNC ban

Companies often charge large amounts of money to sell voter data, and many states place restrictions on the use of voter information for commercial purposes. However, political campaigns are largely exempt from many of the communications laws applying to businesses, and are under no obligation to safeguard their data.

“Our society has never had to confront the idea of all these records, all in one place, being available to anyone in the entire world for any purpose instantly,” Vickery said, according to Forbes. “That’s a hard pill to swallow. It crosses the line.”

Podcasts
0:00
29:12
0:00
28:18