As reported by the CSO, US voter data is at risk of being compromised. Cybersecurity researcher Chris Vickery uncovered a publicly available database of 191 million voter records online earlier this month.
The database is not protected by any security measures and reportedly remains live. Listed in the database is each voter’s full name, home address, mailing address, unique voter ID, state voter ID, gender, date of birth, phone number, date of registration, political affiliation, and voter history since 2000.
Vickery didn’t specify where he found the vulnerable database and isn’t sure what company compiled it. The researcher claims he’s found an Internet-connected “leaky database” that apparently is storing voter registration records for 191 million Americans.
However, after one week of working with others in order to identify the owner of the exposed and insecure database and lock it down, no one has come forward to claim responsibility. “I believe this is every registered voter in the entire country. To be very clear, this was not a hack,” says the security researcher, Chris Vickery, in a Dec. 28 Reddit post.
“The mysterious, insecure database is currently configured for public access. No password or other authentication is required at all. Anyone with an Internet connection can grab all 300+ gigabytes.”
Eventually he updated that post to note that the database had finally been taken down. “I’m happy to confirm that the database is now offline!” he says. “Thank you to whoever finally took if down!”
According to Vickery, the leaked out information includes first, middle and last names; home and mailing addresses; phone numbers; dates of birth; political party affiliation; and a record of whether or not individuals voted in primary or general elections, dating from 2000.
“I looked myself up in the Texas table. It’s accurate. It is not known whether or not ‘high risk professionals’ are included in this database,” he says. “However, I have looked up several police officers in my city, and their data is indeed present. I’ve been working with journalists and authorities for over a week to get this database shut down or secured. No luck so far.”
Vickery, who’s based in Austin, Texas, has described himself as an IT help desk employee by day and an amateur security researcher by night. He’s been scanning the Internet for signs of insecure databases, then sharing those findings.
The FBI refused to comment. Similarly, California Attorney General Spokeswoman Kristin Ford tells Information Security Media Group: “I can’t comment on a potential or ongoing investigation, or even confirm or deny an investigation, in order to protect the integrity of any investigation.”
But Australian data security expert Troy Hunt says that Vickery may soon find himself having to answer some pointed questions from authorities relating to his “research” activities in relation to the U.S. voter records. “Opening an unlocked door and stealing the contents behind it is still breaking and entering,” said Hunt. “That may well lead to having to answer some very uncomfortable questions in the not-too-distant future.”
Be the first to comment on "Database of 191 million US voters exposed on Internet"