Independent computer security researcher, Chris Vickery, has uncovered a vulnerability in a database which contains the data of 191 million US voters. Due to the incorrect configuration of the database anyone could theoretically access it via the internet.
Vickery, who works as a tech support specialitist in Austin, Texas, revealed that the database included names, addresses, birth dates, party affiliations, phone numbers and emails of all of the voters in the US.
Chris Vickery was working with unnamed federal authorities to identify the database owner and get them to remove it from public view. While US voter data is made public, it is still time consuming to get a compiled list of all voter's records. There is a possibility that the database was already accessed by other unintended parties, although there is no way for Vickery to know yet, until logs on the database are checked. If the database was accessed by a malicious entity the data may be used in future scams.
States have different rules over how data must be handled. This database has breached the rules that California sets out. California's restrictions say that voter data can only be used for political purposes and can only be made available for those within the US, obviously the database revealed by Vickery is available all over the world.
The US Federal Elections Commission, which is in charge of regulating campaign financing, said that it isn't responsible for protecting voter records.
In an update to their originial article, DataBreaches, added an update to its article stating that the server is no longer publically available. Details on who runs the server are still unknown as of writing.
Source: DataBreaches via Reuters | U.S. Capitol at night image via Shutterstock
25 Comments - Add comment