Researchers at a German security firm have discovered that hackers stole a database containing personal information belonging to more than 19 million California voters — approximately the state’s entire electorate — and demanded a ransom in bitcoin. [International Business Times]
The database, an Amazon Web Services file at least 4GB in size, contained voter records with full names, addresses, phone numbers, dates of birth and voting precincts. The database, however, did not appear to contain Social Security numbers or any financial information, according to the Kromtech Security Center.
Earlier this year, Kromtech collected samples from the database while scanning thousands of servers that had become publicly available because of misconfigurations. Researchers say that by the time they started examining the sample, cyber criminals had hijacked the original database. That made it impossible to identify the original owner, according to Kromtech.
Kromtech researchers discovered a ransom note demanding 0.2 bitcoin, which is worth approximately $3,500 at the current value of the digital currency.
“Your DataBase is downloaded and backed up on our secured servers,” the note states. “To recover your lost data: Send .2 BTC to our BitCoin Address and Contact us by email with your MongoDB server IP Address and a Proof of Payment. Any email without your MongoDB server IP Address and a Proof of Payment together will be ignored. You are welcome!”
The voter data hack is believed to be part of a wave of ransom attacks targeting vulnerable and public-facing databases.
Kromtech researchers additionally discovered a second, larger unsecured database that contained 409 million records, which included voting district information with county codes and registrant ID numbers. Researchers theorized the second database is a complete collection of all California voter registration records.
The California Secretary of State’s Office responded to the discovery by telling Kromtech it is “looking into it.”
Bob Diachenko, Kromtech’s head of communications, said the data breach is a wake-up call for Californians.
“This is a massive amount of data and a wake up call for millions of citizens of California who have done nothing more than fulfill the civic duty to vote,” Diachenko said. “This discovery highlights how a simple human error of failing to enact the basic security measures can result in a serious risk to stored data. The MongoDB was left publicly available and was later discovered by cyber criminals who seemed to steal the data, which origin is still unknown.”