A CouchDB database holding records for 154 million voters was left unprotected moments after hackers had breached the network hosting it and taken down its firewall. The breach was reported by various news agencies after an investigation by MacKeeper security researcher Chris Vickery.
Vickery discovered the database and, with help from another security researcher, traced it to a company registered as L2. The company is known to build, manage, and sell access to various US voter records. After the two researchers inquired about the missing database and its records, which were exposed online, the company replied that the database was no longer in its hands but belonged to one of its clients.
The company then notified the client, who told L2 and the researchers that they had been breached by a hacker who had managed to take down their firewall. With the firewall gone, anyone who knew the database's IP address, or anyone who scanned for unprotected CouchDB servers, could get access to the database. All they needed was a public Internet connection, because no firewall stood in the way.
The database in question was hosted on a Google Cloud server and, according to Vickery, contained the details of 154 million US voters.
Each entry in the hacked database provided the following information about a US citizen: address, city, state, ZIP code, age, estimated income, ethnicity, first name, last name, gender, political party association, phone number, voting frequency, and congressional and state senate district affiliation.
The database also held information on voters' income, their likelihood of having children, and their email addresses. Facebook profile URLs were also present if the voter concerned owned a gun.
L2 informed the client involved, who then took down the database. L2's CEO also told Vickery that the database contained information that was a year old and did not reflect the full dataset that L2 collects on voters across the country.
The hacked client has started an investigation to learn more about the problem. The hacker's intentions are unknown at this point. The hacker might have been looking to view the voters' information, or simply to download the whole voter database.
The incident marks the third public data leak of US voter records. Just last December, Vickery also found a misconfigured MongoDB database that contained about 191 million US voters' records. In January he found another MongoDB database, which was also exploited and exposed 54 million US voters' records. Some of the data made its way to the dark web, where hackers and cyber thieves were selling it for a few Bitcoins.
Other countries such as the Philippines, Mexico, Turkey, and Russia have also encountered voter database problems.