Someone left 300 gigabytes of voter registration data sitting out on the Web, and no one seems to want to take responsibility for it. The database includes the voter registration information for over 191 million American voters, and is ripe for abuse by scammers, marketers, and basically anyone who wants the personal address and phone number of anyone registered to vote.
Included in the user data is sensitive information like names, addresses, political affiliation, phone numbers, voting records, and email address, depending on how much you provided when you registered to vote. Thankfully, it doesn’t include Social Security numbers or other information that’s useful for identity theft, but is still useful to scammers and telemarketers, who can’t normally use voter databases for marketing purposes.
The data was found by a white hat hacker, Chris Vickery, who says the database is still available for download, although he obviously doesn’t detail how to go about finding it. Vickery includes a redacted screenshot with his own information from the database in the report on Databreach.net. The report blames a misconfigured database for the malfunction.
Related: HZone HIV dating app suffers massive data breach exposing 5,000 user accounts
Granted, the information included in the database isn’t necessarily confidential depending on what state you’re in. While some states put strict regulations on access and use, other states make the information a matter of public record. Regardless, there are companies that charge top dollar for access to that information who will surely be unhappy with its availability for free.
More importantly, none of the major campaign database providers have stepped forward to claim the database. And until someone does, it’s going to remain out on the open Web for anyone to download and use however they like. There are obvious security risks associated with addresses tied to name, religion, and ethnicity in a single database, and Vickery has also notified the proper authorities to attempt to have it removed.
- VTech ‘cannot confirm’ if kids’ chat logs and photos were compromised by security breach
- “Have I Been Pwned?” owner uncovers 13 million plaintext passwords leaked from free webhost
- Uber hack traced back to Lyft, report claims
from Planet GS via John Jason Fallows on Inoreader http://ift.tt/1Uekz60
Brad Bourque
More Stories
‘My 401k Misses You’: Black Woman Pumped To Meet Donald Trump In Philadelphia – July 18, 2023 at 04:56PM
Energy Provider Warns of Impending ‘Crisis,’ ‘Blackout Conditions’ Driven By Biden Plans – July 18, 2023 at 04:20PM
Dog starts barking at cows crossing a bridge, so the cows stop to have a look. – July 17, 2023 at 02:27PM