Chris Vickery, a security researcher who is known for finding leaked databases online claims he has found US voter registration records of 191 million US voters — It is unclear who is behind the leak, why the data was leaked, if the leak is a result of a security or a human error.
Vickery in the past found Hello Kitty, MacKeeper and H zone databases online but 191 million US voters data is something not only hard to get one’s hands on but also something that can expose identities of almost half of the people in the United States.
While talking to the data specialist Hacked-DB, HackRead was told that,
“We think it should be classified as a major security misconfiguration rather than data leak incident.”
The data contains personal information such as first name, middle name, last name, home address, mailing address, phone number, date of birth, party affiliation, and logs of whether or not the person voted in primary/general elections all the way back to 2000.
In a Reddit post, Vickery revealed that the database contains 300GB data which is currently configured for public access with no password or other authentication required whatsoever.
In a screenshot shared by Vickery, it can be seen that even his own personal details are available in the database.
The researcher confirmed that the data is accurate as he personally checked the leaked tables for citizens and police officers which turned out to be legit. Another important aspect of this news is the lack of interest shown by the authorities in recovering and taking off the database from public view as Vickery said,
“I’ve been working with journalists and authorities for over a week to get this database shut down or secured. No luck so far.”
Thomas Fox-Brewster of Forbes revealed that he shared his personal details with the researcher which matched with the database. That could lead to a conclusion that the database contains personal information of every registered voter in the United States.
At the moment, no one has taken responsibility for the leak. CSO contacted other political tech groups – Catalist, Political Data, Aristotle, L2 Political, and NGP VAN – and all denied the database belonged to them. The FBI New York field office and Internet Crime Complaint Center were contacted by DataBreaches.net and Vickery too.
The database is still available to the public and anyone can download it. If scammers, Chineses and Russian hackers got access to this database you can expect a cyber 9/11 just like the ex-NSA chief claimed a couple of years ago.
Stay tuned for more on this issue.