Submitted via IRC for SoyCow4408
A massive trove of voter records containing personal information on millions of Texas residents has been found online.
The data — a single file containing an estimated 14.8 million records — was left on an unsecured server without a password. Texas has 19.3 million registered voters.
It's the latest exposure of voter data in a long string of security incidents that have cast doubt on political parties' abilities to keep voter data safe at a time where nation states are actively trying to influence elections.
TechCrunch obtained a copy of the file, which was first found by a New Zealand-based data breach hunter who goes by the pseudonym Flash Gordon. It's not clear who owned the server where the exposed file was found, but an analysis of the data reveals that it was likely originally compiled by Data Trust, a Republican-focused data analytics firm created by the GOP to provide campaigns with voter data.
Chris Vickery, director of cyber risk research at security firm UpGuard, analyzed a portion of the data. (It was Vickery who found a larger trove of 198 million voter records last year exposed by a similar data firm Deep Root Analytics, which sourced much of its data from Data Trust.)
A spokesperson for Data Trust declined to comment on the record, but later gave a statement to the Austin American-Statesman denying a breach of its systems.
Source: https://techcrunch.com/2018/08/23/millions-of-texas-voter-records-exposed-online/
(Score: 1, Insightful) by Anonymous Coward on Thursday August 30 2018, @12:15PM (2 children)
So there was no breach at Data Trust and the exposed data is probably just a subset of Data Trust's actual vault?
The much more interesting question then becomes: by what parameters was that subset of voters selected? For whom and for what purpose? (... who then managed to have it "freed" from them ...)
PS: couldn't RTFA since that would have required opting in to tracking and ads across the web (thanks GDPR, for forcing the site into alerting me to this!)
(Score: 0) by Anonymous Coward on Thursday August 30 2018, @01:59PM (1 child)
Compared to before the GDPR, where you were opted in automatically.
(Score: 0) by Anonymous Coward on Thursday August 30 2018, @03:00PM
Exactly!
My "Thank You" was honest, not sarcastic.