WASHINGTON—Security bloggers and researchers claim to have uncovered a misconfigured publicly available database leaking the personal information of over 191 million voters.
The information contains voters’ names, home addresses, voter IDs, phone numbers and date of birth, as well as political affiliations and a detailed voting history since 2000, The Hill reported.
Voter registration lists are a matter of public record in most states, however many have regulations restricting access and use.
Security researcher Chris Vickery discovered the breach and reported it to DataBreaches.net, which has since reached out to law enforcement, as well as the California attorney general’s office.
“When one of their attorneys asked, ‘Well how much data are we talking about?’ and I read her the list of data fields and told her that we had access to voter records of over 17 million California voters, her response was ‘Wow,’ and she promptly forwarded the matter to the head of their e-crime division,” wrote DataBreaches.net.
Steve Ragan, a security blogger for the security and risk management website CSO, has also investigated the breach, noting that none of the political database firms he identified and reached out to in connection with the database claimed ownership of the IP address where the files are posted.
“What Vickery has discovered is worse” than the recent breach of Hillary Clinton’s voter data by a member of Bernie Sanders’s campaign, Ragan wrote, “because the data he discovered isn't a client score — it's a complete voter record for 191 million registered voters.”