The GOP’s 2016 presidential upset wasn’t surprising just because it put Donald Trump in the White House; it also proved the party had vastly improved its ability to exploit data, including precision ad targeting campaigns on Facebook. Now comes the fallout of all that information hoarding: A California-based security researcher says Republican-linked election databases were inadvertently exposed to the entire internet, sans password, potentially violating the privacy of almost every single registered voter in the United States.
The data trove was apparently made public by accident by one of the data-mining companies that compiled it. It includes a mix of private information and data gleaned from public voter rolls: “the voter’s date of birth, home and mailing addresses, phone number, registered party, self-reported racial demographic, voter registration status” as well as computer “modeled” speculation about each person’s race and religion, according to an analysis provided to The Intercept.
The leak was discovered by Chris Vickery, an analyst at the U.S. cybersecurity firm UpGuard, who last year discovered an enormous breach of Mexican voter data and in 2015 a 300GB leak of records of 191 million voters. This new incident is more extensive, according the analysis, written by UpGuard:
UpGuard’s Cyber Risk Team can now confirm that unsecured databases containing the sensitive personal details of over 198 million American voters was left exposed to the internet. The data, which was stored in a publicly accessible cloud server owned by Republican data firm Deep Root Analytics, included 1.1 terabytes of entirely unsecured personal information compiled by DRA and at least two other contractors, TargetPoint Consulting, Inc. and Data Trust. In total, the personal information of nearly all of America’s 200 million registered voters was exposed, including their names, dates of birth, home addresses, phone numbers, and voter registration details, as well as voter ethnicities and religions as “modeled” by the firms’ data scientists.