Data of 154,000,000 American voters stolen by hackers may be used in phishing attacks and identity fraud
2016-07-04
At present, the servers involved in this incident are all offline. However, no one knows whether the attackers successfully stole the data, or whether anyone else has downloaded it.
Chris Vickery, a security researcher at MacKeeper, investigated the incident, and the online outlet Daily Dot later reported on it. One of the CouchDB databases holds the voting records of 154,000,000 voters but has no security measures in place. After the attackers successfully penetrated the CouchDB network system, they undermined its firewall and gained access to the database.
Not everyone will have heard of CouchDB, an open source, document-oriented database management system. It is a top-level Apache Software Foundation project published under the Apache License 2.0. This license allows other software to use the source code and modify it as needed, provided the copyright notices and disclaimers are retained. CouchDB is also a distributed database: it can spread storage across different physical nodes and coordinate and synchronize the read and write consistency of the data held on those nodes.
Earlier this week, Vickery found that a large number of voter records were stored in this database, and he analyzed the database's operation log with the help of Daily Dot reporters. He traced it to a company called L2, which is the company managing all the voting records of American voters.
The database was exposed on the Internet without any password protection. When asked about the unprotected database, L2 said that it was owned by their clients.
L2 has now notified the affected customers of the incident. Vickery and the Daily Dot reporters told L2 that its network system had been attacked and that hackers had breached its firewall. If there is no firewall between a database and the public network, anyone who knows the database's IP address, or who can scan for unprotected CouchDB instances, is able to access the data stored in it.
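The exposure described above comes down to a CouchDB instance that listens on a public address and accepts requests without credentials. The following added example (not from the original article or from L2) audits a CouchDB ini file for those conditions; the sample configurations are constructed, and the section names cover common CouchDB layouts and should be checked against your own version.

```python
import configparser

# Constructed sample configurations, not taken from the incident.
EXPOSED_INI = """
[httpd]
bind_address = 0.0.0.0
[couch_httpd_auth]
require_valid_user = false
[admins]
"""

HARDENED_INI = """
[httpd]
bind_address = 127.0.0.1
[couch_httpd_auth]
require_valid_user = true
[admins]
ops = -pbkdf2-PLACEHOLDER-HASH
"""

LOOPBACK = ("127.0.0.1", "::1", "localhost")

def audit_couchdb_ini(text):
    """Return a list of findings for a CouchDB ini file passed as text."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(text)

    def first(sections, key, default):
        # Newer releases use [chttpd]; older ones use [httpd]/[couch_httpd_auth].
        for section in sections:
            if cfg.has_option(section, key):
                return cfg.get(section, key).strip()
        return default

    findings = []
    bind = first(("chttpd", "httpd"), "bind_address", "127.0.0.1")
    if bind not in LOOPBACK:
        findings.append("listens on non-loopback address " + bind)
    # An empty or missing [admins] section means no admin account is set.
    if not (cfg.has_section("admins") and cfg.options("admins")):
        findings.append("no admin account defined")
    rvu = first(("chttpd", "couch_httpd_auth"), "require_valid_user", "false")
    if rvu.lower() != "true":
        findings.append("require_valid_user is not enabled")
    return findings

if __name__ == "__main__":
    for name, ini in (("exposed", EXPOSED_INI), ("hardened", HARDENED_INI)):
        print(name, audit_couchdb_ini(ini) or "no findings")
```

A non-loopback bind address is not a finding to act on alone when a firewall restricts access; it becomes critical together with either of the other two.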
The database is understood to have been hosted on Google's cloud servers. Vickery said that the database also contains voters' personal information.
The database exposes detailed information on each voter, including full name, home address, mailing address, federal election ID number, state election ID number, gender, date of birth, telephone number, voter registration data, political party and election history from 2000.
For some voters, the database also contains their income, whether or not they may have children, email address, Facebook profile URL and whether or not they possess firearms.
On their own, a voter's address and telephone number may seem to be of little value. But once cross-referenced and recombined with other personal data stolen by hackers (such as credit card account information from the retail industry and personal medical histories from the health care industry), they can lead to serious phishing attacks and identity fraud.
L2 has informed the affected customers. L2's CEO told Vickery that most of the data stored in this database was from a year ago and did not contain a complete record of votes.
At present, the voting records of over 400 million American voters have been disclosed. The customers who were attacked by hackers have also begun to investigate the incident. It is still unclear whether the hackers were targeting American voting records or something else, and we cannot know whether anyone else has downloaded data from this database.
This was the third data breach involving American voter records. Last December, Vickery found a misconfigured MongoDB database; the voting records of 191,000,000 American voters leaked from it because of the configuration problem. In January this year, he found another MongoDB database that had leaked over 5.6 million voter records. Some of the leaked data is being sold on the Deep Web, where cyber criminals sell it in exchange for Bitcoin.
The United States is not alone: other countries, such as the Philippines, Mexico, Turkey and Russia, face the same problem. Attackers hack into these countries' voter databases and sell the voters' personal information. For politicians running for election, voter information is of great value, yet none of these countries has protected voter data with rigorous security. The laws of some US states do not treat voter data as confidential information, which means that in some situations outsiders can obtain it by certain methods.