Tasmanian voters caught in data breach

Data on Tasmanian voters that applied for an express vote at recent elections has been stolen by hackers, the state’s electoral commission has warned.

The commission is one of a growing list of victims of a breach at Spanish web form maker, Typeform, in which hackers were able to exfiltrate a “partial backup” file containing a range of client data.

The Tasmanian Electoral Commission said in a statement that data collected through five forms on its website had been stolen.

“Whilst some of the stolen elector data captured in some of these forms has already been made public, such as candidate statements for a local government by-election, it is believed that the breach also captured name, address, email and date of birth information provided by electors when applying for an express vote at the recent State and Legislative Council elections,” the commission said.

“The Electoral Commission will be contacting electors that used these services in the coming days to inform them of the breach.”

Express voting offers a chance for constituents to cast their vote via email or fax. It is used when the voter is going to be interstate or overseas, or if they simply live too remotely to get to a polling station.

The commission’s application page points to an online application form that is hosted with Typeform.

Around 4000 voters may have been impacted by the breach, although the exact figure was still unknown, ABC Local reported.

The Electoral Commission apologised for the breach and said it “will re-evaluate its collection procedures and internal security elements around its storage of electoral information for future events”.

It also said the the breach “has no connection” with data held in either the national or state electoral roll.