In 2014, there were 142.2 million people registered to vote in the United States, according to the U.S. Census Bureau. Forbes is reporting that a database containing 191 million voter records, which includes personal data, has been found, available for anyone to access, online by a “whitehat hacker” named Chris Vickery.
It appears that the personal details of “every registered U.S. voter” are publicly available online. When asked to pull up details on random people by Forbes, Vickery was easily and quickly able to retrieve their names, addresses, birth dates, telephone numbers, and party affiliations, with data appearing to date as early as 2000. Reportedly, no financial information or social security numbers are included in the leaked information.
Vickery has reportedly been unable to pinpoint where the data came from and who might have made it available online. Some attributes of the database led Vickery and researchers with DataBreaches.net to pursue NationBuilder, which has been said to produce similar databases in the past. NationBuilder CEO Jim Gilliam has reportedly stated that IP addresses associated with the database were not associated with the group’s customers, but that it is possible that a customer working on a “non-hosted” system could have produced it.
“From what we’ve seen, the voter information included is already publicly available from each state government so no new or private information was released in this database,” Gilliam was quoted.
A long list of potential suspected political groups have denied responsibility for the voter data leak, including NGP VAN, Political Data, L2 Political, Aristotle, and Catalist.
Vickery and DataBreaches.net were reported to have made reports with the FBI in New York. Forbes reported that the FBI recommended making a report with the Secret Service, which was said to offer no response. DataBreaches.net was said to have made reports with the California Attorney General’s office as well, according to CNET.
Information contained in voter records is a matter of public record in many states. South Dakota specifies that voter information may not be placed on the Internet for “unrestricted access” or “commercial purpose.” California has some of the strictest laws protecting voter information in the country, where records are private and may only be accessed “under certain circumstances.”
“I deal with criminals every day who know my name. The thought of some vindictive criminal being able to go to this site and get my address makes me uncomfortable,” an anonymous police officer was quoted. “I’m also annoyed that people can get my voting record. Whether I vote Republican or Democratic should be my private business.”
A Twitter user pointed out that an abusive ex-spouse could use the information to locate a previous partner who does not wish to be found. For that matter, with the information available on the Internet, just about anyone can.
The exposed voter records are said not to include who the voter actually voted for, but that party affiliations are available, which may make determining who an individual likely voted for a simple task. It is noted that the information could be particularly useful during an “issues-oriented campaign.”
Just last week, Chris Vickery exposed that the personal information, including e-mail addresses, user names, and password hints of 3.3 million users registered to the website of SanrioTown.com, home to Hello Kitty, was freely available online, according to CNET. Vickery also recently found a hole allowing the personal information, including usernames and e-mail addresses, of 13 million MacKeeper users to be freely accessed online, as reported by CNET. The MacKeeper software, perhaps ironically, is a suite of security programs aimed at making Mac users safe and secure online.
[Photo by Scott Olson/Getty Images]