Attackers plowed through a firewall and network to get to a database and pilfer 154 million U.S. voter records, a researcher said.
A company named L2, which builds, manages, and sells access to U.S. voter records, held the database that ended up hacked, said MacKeeper security researcher Chris Vickery with the help of a reporter for the Daily Dot.
When the two inquired about the unprotected database exposed online without password protection, L2 said it belonged to one of their clients.
L2 notified the client, who then said they ended up compromised by a hacker, who took down their firewall. Without the firewall between the database and the public Internet, anyone knowing the database’s IP address or scanning for unprotected CouchDB servers would have access to it.
This particular database was on a Google Cloud server, and Vickery said in a published report, it contained details on over 154 million U.S. voters.
For each database entry (U.S. citizen) the following information was included: address, city, state, ZIP code, age, estimated income, ethnicity, first name, last name, gender, political party association, phone number, voting frequency, congressional and State Senate district affiliation.
For some users, the database also included fields that stored information about their income, likelihood to have children, email addresses, Facebook profile URLs, and if the voter owned a gun.
L2 informed the client, who took down the database. L2 officials said the database contained one-year-old information and did not include the full dataset that L2 collects from U.S. voters.
The hacked client also started an investigation into the incident. No one knows the motives behind the attack.
This is the third public data leak of U.S. voter records. Last December, Vickery found a misconfigured MongoDB database that exposed details of 191 million U.S. voters. In January, he found a second MongoDB database exposing records for over 56 million voters.