GOP data leak: Republican data firm exposed millions of U.S. voters’ personal info
- 7 years ago
ARLINGTON, VIRGINIA — A contractor for the Republican National Committee, Deep Root Analytics, has exposed the data of millions of U.S. citizens, according to a statement released by cybersecurity company Upguard. This is being called the largest breach of electoral data in the U.S. to date.
Upguard says a cyber risk analyst conducting a routine scan of cloud systems discovered an unsecure database containing personal information on 198 million American voters.
While basic data on citizens is typically open to the public, in some cases, the data specified people’s ethnicities, religious and political views, and even predictions on where they stand on certain social issues.
Republican data firm Deep Root Analytics and two other contractors had compiled 25 terabytes of data and stored it in an Amazon cloud server. One-point-one terabytes of that data was not password protected and therefore could be downloaded by any member of the public.
The database was exposed on the open web for more than 10 days before the firm was notified. It has since been secured.
The leak presents major security and privacy concerns about how firms handle large amounts of personal data.
Deep Root Analytics claims the database was exposed after the company updated its security settings. They don’t believe the information was accessed by any malicious parties, but is investigating the incident nonetheless.
Upguard says a cyber risk analyst conducting a routine scan of cloud systems discovered an unsecure database containing personal information on 198 million American voters.
While basic data on citizens is typically open to the public, in some cases, the data specified people’s ethnicities, religious and political views, and even predictions on where they stand on certain social issues.
Republican data firm Deep Root Analytics and two other contractors had compiled 25 terabytes of data and stored it in an Amazon cloud server. One-point-one terabytes of that data was not password protected and therefore could be downloaded by any member of the public.
The database was exposed on the open web for more than 10 days before the firm was notified. It has since been secured.
The leak presents major security and privacy concerns about how firms handle large amounts of personal data.
Deep Root Analytics claims the database was exposed after the company updated its security settings. They don’t believe the information was accessed by any malicious parties, but is investigating the incident nonetheless.