Data leak exposes 1.8 million US voters' private information

A supplier of US voting machines has confirmed a major data leak that has seen the details of more than 1.8 million voters in the state of Illinois exposed.

The leaked data includes full names, addresses, dates of birth, social security numbers (albeit partial), as well as party affiliations. In some cases even ID numbers and driver license numbers were exposed.

The breach was exposed by a security expert from UpGuard. Jon Hendren noticed that an Amazon Web Services device wasn't password protected. The company, Election Systems & Software (ES&S), posted about the leak on its website.

It was said that the FBI started an investigation, as well, "to perform thorough forensic analyses of the AWS server."

ES&S said the AWS server did not include "any ballot information or vote totals and were not in any way connected to Chicago’s voting or tabulation systems.” The company stressed that the leak had “no impact on the results of any election."

This is not the first time UpGuard has uncovered a voting database leak. Back in June, Gizmodo reported how the company discovered a huge unsecured database of almost 200 million US voters. That leak was linked to Deep Root Analytics, a "conservative data firm contracted by the Republican National Committee during the 2016 election."

UpGuard CEO Mike Baukes told Gizmodo: "ES&S was able to secure the data promptly and issue a public statement with the details of the exposure, aiding the UpGuard Cyber Risk Team in our mission of ensuring that exposed information is secured. By working with enterprises like ES&S to swiftly close such exposures, UpGuard will continue to raise awareness about the issues of cyber risk affecting the digital landscape today."

Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.

Image Credit: maxkabakov / depositphotos.com