- Kanye’s Twitter tirade prompts apology from Drake Thursday 6:00 PM
- Listen to Pitbull cover Toto’s ‘Africa’ for the ‘Aquaman’ soundtrack—or don’t Thursday 4:55 PM
- Nancy Pelosi’s coat is the meme the resistance needed Thursday 4:39 PM
- Oprah says what was really on her mind while she ate bland chicken Thursday 4:00 PM
- Democrats predicted to go in on net neutrality when they take House Thursday 3:33 PM
- Holland Tunnel decorations are a real nightmare before Christmas Thursday 2:12 PM
- Amazon still won’t say whether ICE uses its facial recognition tech Thursday 1:13 PM
- Ninja to host Thursday Night Football Thursday 12:00 PM
- How to stream the NFL’s Week 15 for free Thursday 12:00 PM
- An undecorated room sets off a debate on Twitter Thursday 11:42 AM
- Netflix announces Taylor Swift ‘Reputation’ concert film Thursday 11:29 AM
- People are making memes out of these ‘leaked’ ‘Sonic the Hedgehog’ posters Thursday 11:12 AM
- How to watch the Liga MX final between Club América and Cruz Azul online for free Thursday 10:38 AM
- Parents shocked by KKK costumes in school play Thursday 10:11 AM
- Learn why light therapy is the key to keeping winter skin at bay Thursday 9:38 AM
Photo via Gino Santa Maria/Shutterstock (Licensed)
The exposure was closed one day after it was discovered.
Cybersecurity firm UpGuard discovered the vulnerability on Aug. 11 on an Amazon Web Services device where data was left out in the open to be downloaded by anyone with the correct web address. The leak, first reported by Gizmodo, contained the names, addresses, date of birth, partial social security numbers, and state ID info of Chicago residents. The data was not protected by a password.
UpGuard notified state authorities and the FBI earlier this week as soon as it found the breach. The data files were then downloaded by a cyber risk analyst who pinpointed their origin. Federal officials then looped in ES&S, which began an investigation with help from UpGuard. The company assured the breach did not contain ballot information or vote totals, and that it had no impact on the election.
“The company is in the process of reviewing all procedures and protocols, including those of its vendors, to ensure all data and systems are secure and prevent similar situations from occurring,” ES&S said in a statement. ES&S secured the files and shut down the server on Aug. 12, one day after the leak was discovered.
In a similar leak in June, a data analysis contractor hired by the Republication National Committee left nearly 200 million Republican voters exposed on an Amazon server. UpGuard discovered the 25TB database and helped Deep Root Analytics patch up its system.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.