Database with 154 million US voter records left wide open

By

Contained sensitive, personally identifiable data.

A large database containing sensitive information on 154 million United States voters was left wide open on the internet, with third parties overseas accessing the data.

Database with 154 million US voter records left wide open
Source: Chris Vickery.

MacKeeper security researcher Chris Vickery said he discovered a CouchDB instance hosted in the Google cloud, that was configured for public access with no user authentication whatsoever required.

Vickery deduced from the record naming scheme that the database originated from information brokerage L2.

When contacted by Vickery, L2 said the database was copied from a client of the company. 

"The client told us that they were hacked, the firewall was taken down and then the probing began," L2 chief executive Bruce Willsie told Vickery.

Willsie did not name the client responsible for the data breach. The L2 chief executive said the database was a year-old copy of the company's national file, and contained "only a small number of our standard fields".

Besides voters' addresses and phone numbers, the database contained fields with records of their ethnicity, gun ownership, whether or not they're anti-abortion, have children, and if they opposed marriage equality or not.

Vickery also queried the server's log file and discovered that a computer with an internet protocol address allocated to a network with an address in Serbia had accessed the database in April this year.

The database has been taken down after Vickery reported the breach.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

SA Water plans 'once-in-a-generation' core technology uplift

SA Water plans 'once-in-a-generation' core technology uplift

Log In

  |  Forgot your password?