Another voter database leak has been uncovered, with the profiles of 154 million Americans possibly open to access by foreign operatives.
The database, a CouchDB instance, was wide open, according to MacKeeper security researcher Chris Vickery. In fact, it was configured for public access with no username, password or any other authentication required. The records contained a slew of personal, granular and sensitive details, including name, age, address, phone number, ethnicity, political affiliation, estimated income, marital status and—interestingly—Facebook profile URLs.
As for the foreign incursion, Vickery found that a Serbian IP, 89.216.31.2, was interacting with this same database back on April 11.
“Why was a Serbian IP messing around with a US voter database?” Vickery said, in a blog. “Even if this was just a proxy server it is still very troubling that this apparent incursion took place.”
The address of the open database resolved to a googleusercontent.com, indicating that the person or organization responsible for the leaky database was renting server space from Google’s Cloud services. Vickery traced the database down to a data brokerage company named L2, which turned out to have a client that was hosting data purchased from L2 in an insecure manner.
“[I] asked for L2’s assistance in getting it taken down,” Vickery said. “The database was taken offline within three hours of our telephone conversation. That’s a pretty good turnaround time if you ask me.”
The client told L2 that it had been hacked—a claim that Vickery is leery of.
“The ‘we were hacked’ explanation comes out a lot in the kind of research that I do,” he said. “One of the more noteworthy examples of this was when the Citizens’ Movement political party of Mexico made the same claim after I found an exposed copy of that country’s voter database. I have always believed that Citizens’ Movement was just lying to cover their own mistake.”
Adam Levin, chairman and founder of IDT911, told us via email that he doubts this will be the last voter database that crops up in the wild.
“Given the current political and media firestorm, this trend likely will escalate as November approaches,” he said. “Greater security measures need to be taken in order to protect all Americans from becoming the victims of identity theft, as the information available is more than enough for hackers to access current financial accounts, set up fraudulent accounts, as well as launch effective phishing attacks against millions of unsuspecting citizens to gather additional information that can be used to commit tax fraud, medical identity theft and criminal identity theft.”
He added, “Political organizations should be held to a high standard regarding data security. They must encrypt data, continuously monitor their networks, aggressively penetration test their systems and vigorously train and drill their employees.”
Photo © Joseph Sohm/Shutterstock.com