GOP-hired data company leaked information on 198 million citizens

Republican data analytics firm exposes voting records on 198 million Americans

Republican data analytics firm exposes voting records on 198 million Americans

The voter records of more than 198 million Americans have been compromised in what some security experts are calling "the largest known data exposure of its kind".

The records were exposed to anyone who knew rudimentary search techniques, said UpGuard, a Mountain View, California, cybersecurity firm, but the records have since been secured again.

He later added: "Apparently the RNC has a number assigned to every U.S. voter (regardless of party)".

Spreadsheets containing the data on almost 200 million Americans also contained roughly 9.5 billion data points modeling voter preferences and behavior, "a treasure trove of political data and modeled preferences used by the Trump campaign", according to UpGuard.

Deep Root said the data was "to the best of our knowledge proprietary information as well as voter data that is publicly available and readily provided by state government offices". Controls were since put in place "to prevent further access".

"We take full responsibility for this situation", Alex Lundry, the company's founder, said in a statement to Gizmodo. "We built our systems in keeping with these protocols and had last evaluated and updated our security settings on June 1".

Vickery found the database while searching for vulnerable data sources online as part of his job.

Deep Root has contracted the security firm Stroz Friedberg to perform a thorough investigation of the exposure.

"Based on the information we have gathered thus far, we do not believe that our systems have been hacked", Deep Root Analytics said in the statement.

Measuring 1.1TB, the information was stored in an unprotected Amazon Simple Storage Service (S3) bucket as spreadsheet files.

According to UpGuard, the voter data included multiple pieces of personally identifiable information for "potentially near all of America's 200 million registered voters".

Chris Vickery, a cyber risk analyst for "cyber resilience" company Upguard, discovered the unsecured database last week. Then stored it in a publicly accessible Amazon cloud server.

Voting records are public, but access is not always freely available and can be restricted in terms of use.

Building giant databases of voters so you can crunch the numbers to launch targeted campaigns is standard practice in modern politics.

According to UpGuard, the folder includes dozens of spreadsheets containing a unique GOP identifier for each voter for the 2008 and 2012 presidential campaigns, which link to "dozens of sensitive and personally identifying data points, making it possible to piece together a striking amount of detail on individual Americans specified by name".

'It also comes at a time when the integrity of the USA electoral process has been tested by a series of cyber assaults against state voter databases, sparking concern that cyber risk could increasingly pose a threat to our most important democratic and governmental institutions'.

"It's not just who you voted for". Interestingly enough, the director of The Data Trust, Johnny DeStefano, is President Donald Trump's director of presidential personnel.

"We don't want this on our hands".

Notícias recomendadas

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.