- The man who sold shares of himself on the internet 4 Years Ago
- The rise of the conservative ‘mancast’ in a world of changing masculinity Today 6:00 AM
- Amazon’s ‘Troop Zero’ gives the underdog movie a stylized re-do Today 4:20 AM
- No, the first words of Trump’s tweets don’t match up to lyrics of ‘Break My Stride’ Sunday 10:28 PM
- White woman demanding strangers ‘repent’ for Christ sparks conversation on mental illness and racism Sunday 9:27 PM
- Amtrak employee asked a NAACP lawyer to move from her train seat Sunday 7:54 PM
- Billie Eilish fans riot after being referred to as ‘Avocados’ Sunday 4:37 PM
- Beyhive coming for Sainsbury’s supermarket over Ivy Park shade Sunday 3:17 PM
- Antique store blasted for selling ‘white only’ signs Sunday 1:45 PM
- DaBaby explains altercation with hotel employee after video goes viral Sunday 12:32 PM
- Kanye faces backlash for headlining Christian event with anti-LGBTQ leaders Sunday 10:31 AM
- Why is Yennefer of Vengerberg so different in Netflix’s ‘The Witcher’? Sunday 10:00 AM
- Actress slammed for ‘acid attack-face’ TikTok challenge Sunday 9:46 AM
- ‘Weathering With You’ blends fantasy and realism in a magical love story Saturday 6:18 PM
- Kidnapped teen used Snapchat to get rescued Saturday 4:35 PM
Leaky database tramples privacy of 191 million American voters
Full names, phone numbers, addresses, party affiliations, and more.
The voter information of more than 191 million Americans—including full names, dates of birth, home addresses, and more—was exposed online for anyone who knew the right IP address.
The misconfigured database, which was reportedly shut down at around 7pm ET Monday night, was discovered by security researcher Chris Vickery. Less than two weeks ago, Vickery also exposed a flaw in MacKeeper’s database, similarly exposing 13 million customer records.
“Don’t let anyone try to dismiss this as, ‘Oh, it’s just mostly public records.’”
According to researchers, the voter database contained voters’ names (first, middle, and last), home addresses, mailing addresses, phone numbers, dates of birth, sex, ethnicity, party affiliation, and whether the person voted in primary or general elections.
It did not, however, include Social Security numbers, driver’s licenses numbers, or any financial records, according to sources with firsthand knowledge of the dataset. An “almost-complete” screenshot of a voter record, which was redacted to protect the voter’s identity, reveals dozens of field entries containing an array of personal information.
In total, the leaky database contained more than 191,337,170 records, which dated as far back as 2000.
Its existence was first reported by Dissent, the pseudo-anonymous blogger at DataBreaches.net, and information-security journalist Steve Ragan. Both Vickery and Ragan confirmed locating their own personal data among the records. Vickery reportedly responded with outrage. “How could someone with 191 million such records be so careless?” he asked Ragan.
Attempting to locate the source, Ragan reached out to more than a half-dozen political firms, including Catalist, Political Data, Aristotle, and L2 Political. Each denied ownership of the IP address on which the database was found.
After noticing a few of the data field labels appeared to be proprietary, Vickery and Dissent reached out to NationBuilder, a company formerly overseen by Joe Green, an entrepreneur who years prior launched Causes.com, along with former Facebook president Sean Parker.
NationBuilder likewise denied ownership of the “inadvertently accessible” database in a statement on Monday, but added, nevertheless, it may correlate with data it gave freely to campaigns.
“We do not provide access to anyone for non-political purposes or that would violate any state’s laws.”
“While the database is not ours, it is possible that some of the information it contains may have come from data we make available for free to campaigns,” said CEO Jim Gilliam, of the database found by Vickery. “From what we’ve seen, the voter information included is already publicly available from each state government so no new or private information was released in this database.”
Added Gilliam: “We strongly believe in making voter information more accessible to political campaigns and advocacy groups, so we provide cleaned versions of that publicly accessible information to them for free. We do not provide access to anyone for non-political purposes or that would violate any state’s laws.”
“Don’t let anyone try to dismiss this as, ‘Oh, it’s just mostly public records,’” Dissent told the Daily Dot on Monday. In the wrong hands, she said, the database could put at risk law enforcement officers, domestic abuse victims, and employees whose bosses are staunchly partisan.
“Some voter information needs to be public record for accountability and to keep elections honest,” Dissent added, “but maybe party affiliation shouldn’t be part of state voter registration anymore. Let people sign up with parties separately and let the parties keep their own lists.”
Both Dissent and Vickery reached out to the California Attorney General’s Office for assistance, since California voters are among those exposed, as well as federal law enforcement.
Citing a policy intended to preserve the integrity of investigations, a spokesperson for Attorney General Kamala Harris would neither confirm nor deny her office was looking into the database. The Federal Bureau of Investigation declined to comment as well.
Dissent said she believes the database should catalyze a debate over whether there should be new rules about posting voting lists online. “One state, South Dakota, prohibits it,” she said. “Maybe the other states should follow their lead on that.”
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.