MacKeeper security researcher Chris Vickery has discovered yet another database containing voter profiles of US citizens, accessible to anyone who stumbled upon it or knew where to look.
This one contains records on 154 million voters, which include their name, address, phone number, age, gender, marital status, estimated income, political party, and congressional and state senate district affiliation.
Some of the records also contained information about the voters’ marital status, whether they had children or owned a gun, their stance on gay marriage, the language(s) they speak, and their email address.
It was a CouchDB database that required no authentication to be accessed, hosted on Google’s Cloud services. Luckily, an ID associated with each record pointed Vickery in the right direction regarding the owner of the data.
As it turned out, the data was originally collected by a data brokerage company named L2. Vickery contacted the company and, three hours later, the database was no longer online.
The company’s CEO explained that the database belonged to an unnamed national client of theirs.
“The client told us that they were hacked, the firewall was taken down and then the probing began. This was an old copy (from about a year ago) of the national file and it had only a very small number of our standard fields. Needless to say, the client is doing its own research now to determine the extent of the incursion,” the CEO reported to Vickery, thanking him for the heads-up.
Vickery also shared that he wasn’t the first to access the database while it was “open.” After querying the server’s log file, he discovered that a Serbian IP address had interacted with this same database back on April 11th of this year.
“Why was a Serbian IP messing around with a US voter database? Even if this was just a proxy server it is still very troubling that this apparent incursion took place back on April 11th,” he pointed out.
If the story about the hack is true – and Vickery has his doubts, as he hears the same story used as a justification for data leaks too often – what’s their excuse for failing to remedy the effects of the hack for so long?