- GOP pollster bothered by broken elevator in Austria blames socialism 2 Years Ago
- YouTuber renames small town ‘Gay Hell’ to defy Trump Pride policy 2 Years Ago
- John Cusack blames Twitter bot for anti-Semitic tweet 2 Years Ago
- YouTube rapper who glorifies pimping has been charged with human trafficking 2 Years Ago
- Amy Klobuchar lists net neutrality as part of her 100-day plan for presidency Today 8:54 AM
- Reddit just banned the NBA Streams subreddit Today 8:17 AM
- How to watch ‘Drunk History’ for free Today 8:00 AM
- Netflix’s ‘Unit 42’ soars on the chemistry of its unlikely lead partners Today 7:30 AM
- How to watch ‘Good Trouble’ for free Today 7:00 AM
- It’s time for Pete Buttigieg to claim his status as Short King Today 6:30 AM
- The best foreign-language TV shows on Netflix Today 6:00 AM
- Hasan Minhaj explains why your internet sucks in ‘Patriot Act’ episode, puts it on DVD Monday 8:41 PM
- Hackers got control of Dylan Sprouse’s Twitter account, posted offensive content Monday 7:38 PM
- Twitch is suing the trolls who flooded the platform with porn and Christchurch shooting footage Monday 6:55 PM
- Cat filter turns Pakistani politicians’ press conference into frisky business Monday 6:12 PM
Photo via Gino Santa Maria/Shutterstock (Licensed)
The exposure was closed one day after it was discovered.
Cybersecurity firm UpGuard discovered the vulnerability on Aug. 11 on an Amazon Web Services device where data was left out in the open to be downloaded by anyone with the correct web address. The leak, first reported by Gizmodo, contained the names, addresses, date of birth, partial social security numbers, and state ID info of Chicago residents. The data was not protected by a password.
UpGuard notified state authorities and the FBI earlier this week as soon as it found the breach. The data files were then downloaded by a cyber risk analyst who pinpointed their origin. Federal officials then looped in ES&S, which began an investigation with help from UpGuard. The company assured the breach did not contain ballot information or vote totals, and that it had no impact on the election.
“The company is in the process of reviewing all procedures and protocols, including those of its vendors, to ensure all data and systems are secure and prevent similar situations from occurring,” ES&S said in a statement. ES&S secured the files and shut down the server on Aug. 12, one day after the leak was discovered.
In a similar leak in June, a data analysis contractor hired by the Republication National Committee left nearly 200 million Republican voters exposed on an Amazon server. UpGuard discovered the 25TB database and helped Deep Root Analytics patch up its system.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.