The latest data breach exposed the 154 million voter records which includes not only voter registration data but many personal details like addresses, Facebook profiles, income details, education, gun-ownership, age, gender, languages one knows, phone numbers and much more. This is the second data breach if its kind lately. Earlier this year there was a bigger data breach which exposed 191 million voter records in the United States.
The breach was first noticed by Chris Vickery, who works as a security researcher at the security firm MacKeeper. Vickery posted the detailed report of the data breach which says that some mis-configuration in CouchDB installation was the reason behind this breach.
While the exposed database is hosted on Google, there is still no information about who owns this database and whom to check it with. However, a detailed investigation verified that the breached database was linked to a Voter Mapping company L2 Political which specializes in accurate voter data and modeled issued data processing. The database is now secured.
Vickery explained in his report saying,
“On Tuesday, June 21st, 2016, I sent an email to every L2 email address I could easily locate notifying them of the situation. In my email I put forth the theory that a client of theirs was hosting data purchased from L2 in an insecure manner and asked for L2’s assistance in getting it taken down. I also attached a screenshot as proof of my findings. It turns out that my hypothesis was correct and L2 was more than willing to help me track down the client at fault”.
Head over to the official MacKeeper Blog to check the detailed report.