Unsecured, unclaimed database leaves 191 million US voter registration records open to all

By Shawn Knight
Dec 28, 2015
Post New Reply
  1. A well-known security researcher has discovered an unsecured database containing 191 million US voter registration records. The data includes names, addresses, dates of birth, phone numbers, party affiliations and even logs of whether or not voters had participated in primary or general elections.

    The validity of the data has been confirmed by several publications including Forbes. Chris Vickery told the publication he has at his disposal 300GB of voter data which seems to date back to 2000.

    Fortunately, sensitive data including social security numbers and financial details aren't included in the database.

    The pressing question at this hour relates to pinning blame on the person(s) responsible for the database misconfiguration.

    Vickery and both reached out to NationBuilder, a service that helps set up digital campaigns for various political parties. A representative for the company said the IP address associated with the database didn't belong to them. CSO reached out to Aristotle, Catalist, L2 Political, NGP VAN and Political Data, all of which denied ownership of the database.

    As Forbes correctly points out, much of the information in the database is publicly available to campaigners although some services charge a lot of money for access. Scammers and marketing firms are likely to get the most use out of it, assuming of course that they can replicate Vickery's steps to hunt it down.

    Thumbnail courtesy Thinkstock, lead image via John Moore, Getty Images

    Permalink to story.

  2. Uncle Al

    Uncle Al TS Evangelist Posts: 1,527   +688

    Stolen by whom? Hillary? Trump? Pat Paulson???
  3. tonylukac

    tonylukac TS Evangelist Posts: 1,293   +55

    It seems every day another government database is hacked. What does that homeland security do anyway?
  4. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 6,349   +1,945

    First and foremost they take your money, what they do with it is their business...
  5. MikeAcker

    MikeAcker TS Enthusiast Posts: 30

    It's important for people to understand that this type of information has been stolen from all of us for years. with that in mind we need to address the question of

    Secure Computing in a Compromised Environment

    a general adoption of proper digital authentication procedures will be necessary . this will require training for our young people coming though school and assistance for folks who need help .

    the methodology is already here:
    1. use a secure O/S . a secure O/S is one which will not allow itself to be compromised by the activity of an application program . this concept was introduced with IBM/360 in 1964 and has been unfortunately ignored by some software developers

    2. authenticate transactions. folks may want to use theri own PGP key -- or -- short of that -- a process for validating x.509 certificates will be needed .
  6. RustyTech

    RustyTech TS Guru Posts: 820   +390

    Well we already know that Hillary likes to set up her own servers (which in her case was a crime that no one is paying attention to); so who knows who did this. Maybe it was done on purpose as to point a finger to her?
  7. TheBigT42

    TheBigT42 TS Member Posts: 32   +14

    And people want the ability to vote online....With this crap going on....Wake up America
  8. treetops

    treetops TS Evangelist Posts: 1,937   +157

    People have been voting online for over a decade.
  9. Bill Powell

    Bill Powell TS Rookie

    I can see one thing this kind of list would be really good for. If you wanted to send folks in to vote more than once, it would be really handy to know whose name you could present, whether or not they normally voted and, which party's ballot you would ask for. But then, there is no such thing as voter fraud we're told.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...