After repeated hacking attempts and data breach incidents, it seems hackers have succeeded in gathering a worthy chunk of data. Pilfered from 19 states, millions of records from the US voters data was allegedly found for sale on the dark web by two cybersecurity firms. One of these threat intelligent firms has revealed the details in their blog post.
Recently, two threat intelligence services, Anomali and Intel471, have found US voters data available for sale on the dark web. As stated, they discovered around 35 million records of US voters from different states. The data primarily includes personally identifiable information of the voters along with their voting history. Anomali has disclosed the details in their blog post on Monday.
Anomali reports that, though most states offer this data for legitimate uses, the sellers have put the data on the dark web for sale (something clearly not legitimate).
Explaining what sort of data the researchers found, they state,
“The databases include valuable personally identifiable information and voting history…. Purportedly, these records contain voter data including full name, phone numbers, physical addresses, voting history, and other unspecified voting data.”
Out of the 35 million records, around 23 million belongs to merely three states. While, for the remaining 16 states, the researchers did not state a specific count. Below is a snapshot of the advertisement that the researchers shared in their report. The ad shows the list of states along with the rates for the respective data belonging to them.
We already know that personally identifiable information attracts hackers. Such details help them to execute malicious plans, such as identity theft, impersonation, etc. What’s more alarming here is that the incident has taken place just a few weeks before the upcoming US elections 2018.
Explaining the risks associated with this incident, the researchers state,
“When these lists are combined with other breached data containing sensitive information, e.g., social security number and driver’s license, on underground forums it provides malicious actors with key data points for creating a target profile of the US electorate. This type of information can facilitate criminal actions such as identity fraud or allow for false submissions of changes online to voter registrations, making some legitimate voters ineligible to cast ballots. In a voter identity theft scenario, fraudsters can cause disruptions to the electoral process through physical address changes, deletion of voter registrations, or requests for absentee ballots on behalf of the legitimate voter.”
Despite being alarming, this isn’t the first threat to US voters’ security before elections. A couple of months ago, a researcher discovered Texas voters data leaked online. prior to that, we found out about the Utah voters database endured massive hacking attempts.