Show vulnerabilities with patch / with exploit
23 June 2016

Voter Database 2.0. Exposed personal information of 154 million US citizens


Voter Database 2.0. Exposed personal information of 154 million US citizens

In December 2015 we have received reports on exposure of 191 million records of US citizens. The so-called Voters database contained names, addresses, dates of birth, etc. of adult voters.

The same researcher Chris Vickery from MacKeeper reported another leak. This time information of 154 million US citizens was publicly open due to faulty configuration of CouchDB.

The new database belongs most likely to some political party due to information, contained in it. The database was hosted on Google and contained full address, name, age, estimate income, ethnicity, gender, supported political party, phone number, email, marital status, information about gun possession, number of times the person has voted before, addresses of Facebook profiles.

Researchers suspected that the data was leaked by L2, they contacted the organization and the database was put offline.

Below is a screenshot of database record posted by Daily Dot:


This is not the first issue related to incorrect database security configuration. The database vendors should do something about it, and very soon. Otherwise we will see more of such leaks and this could end badly.

We at Cybersecurity Help encourage our readers not to trust too much into your firewall and do implement an additional level of protection (at least logins and passwords) when accessing your databases.

Back to the list

Latest Posts

Weekly security roundup: June 1, 2020

Weekly security roundup: June 1, 2020

Exim vulnerability exploited by the Sandworm hackers, a new StrandHogg 2.0 bug found in Android, and more
1 June 2020
Joomla admits security breach affecting over 2,000 users

Joomla admits security breach affecting over 2,000 users

The breach occurred after a member of the JRD team left a full backup of the JRD site on a third-party company Amazon Web Services S3 bucket.
1 June 2020
Octopus Scanner malware compromises open source projects in a massive GitHub supply chain attack

Octopus Scanner malware compromises open source projects in a massive GitHub supply chain attack

The Octopus Scanner malware campaign has been going on for years.
1 June 2020