Nearly every registered American voter has been left vulnerable to theft on a public Amazon cloud server by a marketing firm contracted by the Republican National Committee (RNC).
The huge cache of sensitive personal details relating to almost 200m US citizens was accessible to anyone on the internet for 12 days this month.
Timeline for abortion
- February 24, 2017
“We take full responsibility for this situation,” said the contractor, Deep Root Analytics in a statement.
“Since this event has come to our attention, we have updated the access settings and put protocols in place to prevent further access,” Deep Root Analytics’ founder Alex Lundry told technology website Gizmodo.
Chris Vickery, a cyber-risk analyst with security firm UpGuard discovered the 1.1 terabytes of exposed, downloadable data in a spreadsheet.
The information included birth dates, home addresses, telephone numbers and political views of nearly 62 percent of the US population.
With this data you can target neighbourhoods, individuals, people of all sorts of persuasions. I could give you the home address of every person the RNC believes voted for Trump.
Vickery added that the spreadsheet contained the largest amount of data on record left vulnerable to theft he has ever found.
In terms of the disc space used, this is the biggest exposure I’ve found. In terms of the scope and depth, this is the biggest one I’ve found.
The information in the spreadsheet also “contained citizens’ suspected religious affiliations, ethnicities and political biases, such as where they stood on controversial topics like gun control, the right to abortion and stem cell research,” the BBC reported.
The State of Technology This Week
“This is deeply troubling. This is not just sensitive, it’s intimate information, predictions about people’s behaviour, opinions and beliefs that people have never decided to disclose to anyone,” Privacy International’s policy officer Frederike Kaltheuner told the BBC.
Prior to this month, the largest data breach of voter information on record was when 55m records of Philippine voters were left vulnerable to theft in April last year.