Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Saturday August 19 2017, @10:40AM   Printer-friendly
from the check-if-Daley-is-on-the-list dept.

Arthur T Knackerbracket has found the following story:

A voting machine supplier for dozens of US states left records on 1.8 million Americans in public view for anyone to download – after misconfiguring its AWS-hosted storage.

ES&S says it was notified by UpGuard researcher Chris Vickery of the vulnerable database that contained personal information it collected from recent elections in Chicago, Illinois. The records included voters' names, addresses, dates of birth, and partial social security numbers. Some of the records also included drivers' licenses and state ID numbers.

"The backup files on the AWS server did not include any ballot information or vote totals and were not in any way connected to Chicago's voting or tabulation systems," ES&S said in a statement on Thursday.

[...] A spokesperson for UpGuard confirmed to The Register that the vulnerable service was an AWS S3 silo accidentally set up to be open to the public. Strangely, only Chicago's data was exposed by a misconfiguration.

[...] Chicago's election board, meanwhile, says it is "deeply troubled" to hear of the exposure, but applauded ES&S for taking quick action.

"We have been in steady contact with ES&S to order and review the steps that must be taken, including the investigation of ES&S’s AWS server," said Chicago Election Board chairwoman Marisel Hernandez in a statement.

"We will continue reviewing our contract, policies and practices with ES&S. We are taking steps to make certain this can never happen again.”

This isn't the first time UpGuard found voter data sitting out in the open on AWS. Earlier this year the security firm caught a Republican analytics company who failed to put any access restrictions on an S3 instance that contained the personal details of nearly 200 million US voters within a 1.1TB database collected prior to the 2016 presidential election. ®

-- submitted from IRC


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by VLM on Saturday August 19 2017, @12:43PM (10 children)

    by VLM (445) Subscriber Badge on Saturday August 19 2017, @12:43PM (#556334)

    Its Chicago, people like Dillinger, Obama, Al Capone, Mayor Daley came from there. Illinois is basically Chicago plus some farms, kinda like the state of NY vs NYC, and all governors of Illinois retire to prison after their terms (its kinda ridiculous).

    It would be interesting to obtain the voting records and rub them up against various more trustworthy databases like the social security death index or DHS e-verify. I mean everyone knows Chicago is corrupt but it would be interesting to determine numbers.

    Alternately, given vast databases that have historically been released I wonder how hard it would be to put up a "hit job" on the Chicago guys releasing a DB that kinda looks sorta valid. Would not be surprised if ES&S gets replaced by someone better connected to the right people real soon now.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by Geezer on Saturday August 19 2017, @12:49PM (1 child)

    by Geezer (511) on Saturday August 19 2017, @12:49PM (#556335)

    Not a lot of people would care. All those dead Cook County voters are beyond earthly woes.

    As the fabled columnist Mike Royko once said, Graceland Cemetery is the most reliable voting bloc in the city.

    • (Score: 3, Funny) by VLM on Saturday August 19 2017, @01:22PM

      by VLM (445) Subscriber Badge on Saturday August 19 2017, @01:22PM (#556343)

      Not a lot of people would care.

      Might be some novelty to it. My Great Grandfather lived there until he died in '75 and it would be mildly interesting to know who he voted for last year. I would assume he voted for Hillary, would be interesting to have a seance to debate him about that, LOL.

  • (Score: 1, Troll) by Ethanol-fueled on Saturday August 19 2017, @02:09PM (6 children)

    by Ethanol-fueled (2792) on Saturday August 19 2017, @02:09PM (#556357) Homepage

    I'm sure all the Tyrones and Laqueeshas who voted Democrat either don't care or don't know because they have no money to steal and no computer to read the news that their information was stolen.

    They're all out committing robberies and homicides anyway, unless it is the first of the month, in which case they're gettin' their hair and nails did.

    • (Score: 2) by VLM on Saturday August 19 2017, @02:28PM (3 children)

      by VLM (445) Subscriber Badge on Saturday August 19 2017, @02:28PM (#556361)

      An interesting hollywood movie plot variation on that idea is due to "income inequality only goes up" and similar baby boomer things, most of the stolen data is in fact completely worthless as EthOH-fueled points out, so the thieves do a simple database query and release most of the criminally worthless data to prove they have all the real data, then hold the real data hostage for blackmail payment. "The establishment" hates bitcoins so we'll make the blackmail payable in BTC. I've seen worse hollywood movies.

      I'm halfway motivated to try and get a copy of the data to run some demographic queries against it to verify or disprove some fun movie plots. It would be interesting to know if the demographics of the data match whats believed to be known about the demographics of Chicago. Of course, the more elaborate the plot required, the more likely its just coincidence rather than conspiracy theory.

      • (Score: 2, Interesting) by Ethanol-fueled on Saturday August 19 2017, @02:37PM (2 children)

        by Ethanol-fueled (2792) on Saturday August 19 2017, @02:37PM (#556363) Homepage

        I rolled out my own MySQL database when all the Ashley Madison data was released, man was that a fuckton of data. Some queries were so slow that I halted them mid-query (could have used some optimization, but meh.)

        Of interest to me at the time were my friends, family, and people who went to my school. Found no friends and family and unfortunately nobody I knew from my school (though for the school there were around 14 or so hits including a married professor)

        • (Score: 0) by Anonymous Coward on Saturday August 19 2017, @02:47PM

          by Anonymous Coward on Saturday August 19 2017, @02:47PM (#556368)

          Was that a Metric or Imperial fuckton?

        • (Score: 0) by Anonymous Coward on Saturday August 19 2017, @03:14PM

          by Anonymous Coward on Saturday August 19 2017, @03:14PM (#556372)

          Stupid people tend to cluster together.

    • (Score: 0) by Anonymous Coward on Saturday August 19 2017, @03:12PM

      by Anonymous Coward on Saturday August 19 2017, @03:12PM (#556371)

      That seems very stupid.

    • (Score: 0) by Anonymous Coward on Sunday August 20 2017, @06:29AM

      by Anonymous Coward on Sunday August 20 2017, @06:29AM (#556601)

      Felons can't vote

  • (Score: 0) by Anonymous Coward on Saturday August 19 2017, @02:45PM

    by Anonymous Coward on Saturday August 19 2017, @02:45PM (#556367)

    To be fair, Al Capone was from Brooklyn. He just knew a sweet opportunity in Chicago when he saw it.