23 June 2016

Voter Database 2.0. Exposed personal information of 154 million US citizens


Voter Database 2.0. Exposed personal information of 154 million US citizens

In December 2015 we have received reports on exposure of 191 million records of US citizens. The so-called Voters database contained names, addresses, dates of birth, etc. of adult voters.

The same researcher Chris Vickery from MacKeeper reported another leak. This time information of 154 million US citizens was publicly open due to faulty configuration of CouchDB.

The new database belongs most likely to some political party due to information, contained in it. The database was hosted on Google and contained full address, name, age, estimate income, ethnicity, gender, supported political party, phone number, email, marital status, information about gun possession, number of times the person has voted before, addresses of Facebook profiles.

Researchers suspected that the data was leaked by L2, they contacted the organization and the database was put offline.

Below is a screenshot of database record posted by Daily Dot:


This is not the first issue related to incorrect database security configuration. The database vendors should do something about it, and very soon. Otherwise we will see more of such leaks and this could end badly.

We at Cybersecurity Help encourage our readers not to trust too much into your firewall and do implement an additional level of protection (at least logins and passwords) when accessing your databases.

Back to the list

Latest Posts

FBI warns of ongoing vishing attacks seeking to steal corporate credentials

FBI warns of ongoing vishing attacks seeking to steal corporate credentials

Cybercriminals use VoIP platforms to target company employees.
19 January 2021
IObit forum hacked in a DeroHE ransomware attack

IObit forum hacked in a DeroHE ransomware attack

It is unknown, how the hackers managed to compromise the forum, but it is possible that they gained access to an administrative account.
19 January 2021
OpenWrt Project discloses data breach

OpenWrt Project discloses data breach

The hackers gained access to an administrator account on the OpenWrt forum and stole a copy of the user list.
19 January 2021