VirtuallySurreal
Tech Services

GOP Data Firm Accidentally Leaks Personal Details of Nearly 200 Million American Voters [Gizmodo/KnowBe4]

V_S
2017-06-20 06:47 AM Comment(s)

Full Gizmodo Article - http://gizmodo.com/gop-data-firm-accidentally-leaks-personal-details-of-ne-1796211612


Political data gathered on more than 198 million US citizens was exposed this month after a marketing firm contracted by the Republican National Committee stored internal documents on a publicly accessible Amazon server.

The data leak contains a wealth of personal information on roughly 61 percent of the US population. Along with home addresses, birthdates, and phone numbers, the records include advanced sentiment analyses used by political groups to predict where individual voters fall on hot-button issues such as gun ownership, stem cell research, and the right to abortion, as well as suspected religious affiliation and ethnicity.


KnowBe4, a security awareness and training company, had some further information and advice:


Who got their hands on this data?

It's not clear. What we know for sure is that UpGard's Chris Vickery found it. Twelve days on the Internet is a very long time. Bad guys are scanning for misconfigured databases 24/7 so the chances are high.

In a statement, Deep Root founder Alex Lundry told Gizmodo, “We take full responsibility for this situation.” He said the data included proprietary information as well as publicly available voter data provided by state government officials. “Since this event has come to our attention, we have updated the access settings and put protocols in place to prevent further access,” Lundry said.


Voter data on 198 million (yes that's million) US Citizens was improperly stored and freely available for 12 days on the internet. There has never been a data breach this big. The information includes birthdates, home addresses, telephone numbers, political views, suspected religious affiliations, ethnicities, where they stood on topics like gun control, the right to abortion and stem cell research.


This type of data can easily be used for nefarious purposes, from identity fraud to harassment or intimidation of people who hold an opposing political view. Worst of all, if bad guys have gotten hold of this data, they can send highly personalized phishing attacks to you, looking like something totally legit.

At this point, from here on out, treat any email you get at the house or the office with a healthy dose of suspicion and ask yourself if it could be a scam. Do not click on links in emails and do not open attachments you did not ask for.  Remember, Think Before You Click!