Chris Vickery, a security researcher at UpGuard, discovered that nearly 198 million U.S voters were kept exposed on an unsecured Amazon S3 server. The researcher says that the data included sensitive details of the voters. Chris Vickery is the researcher who previously discovered the data leak of 100 million Mexican voters.
This is largest data leak till date which exposes details of around 60% American voters. The responsibility of the data was given to the Deep Root Analytics(DRA), which is a data analytics firm employed by the US Republican National Committee(RNC).
The Deep Root founder Alex Lundry in response to the discovery says to Gizmodo “We take full responsibility for this situation.”
Vickery discovered the data leak on 12th of June and reported to Deep Root about the unsecured server. The Deep Root in response configured the server within two days of the notification. The company was paid nearly a million dollars for the work during the election.
The UpGuard in their report said, “The data repository, an Amazon Web Services S3 bucket, lacked any protection against access. As such, anyone with an internet connection could have accessed the Republican data operation used to power Donald Trump’s presidential victory, simply by navigating to a six-character Amazon subdomain: “dra-dw”.”
According to the report with DeepRoot the two other contractors who organized the data of the U.S voters were Data Trust and TargetPoint Consulting Inc, also Target Point was paid around 4.2 million during the election for their work.
The report also says that around 1.1 terabytes of data was downloadable, which included two critical directories “data_trust” and “target_point” having text equivalent to 10 billion pages of text.
The folder “data_trust” consisted two primary folders, 256 GB folder for the 2008 presidential election and a 233 GB folder for 2012, each containing fifty-one files – one for every state.
There was a small folder “Post-Elect2016” which mainly included voters’ views on topic like “whether they voted for former President Barack Obama” and US President Donald Trump’s “America First” foreign policy.
These kind of data leaks are not rare and been happening for a long time.
Get a free Ebook on What Hackers do not want you to know here.