Report: 191 Million Voter Records Exposed In Database Configuration Issue

share on:
hacking concept: man using a laptop with password on on the screen

A Reditt user, Chris Vickery, has posted that they had found the addresses, date of birth, phone numbers and more for 191 million registered voters in America due to a database configuration issues .  The user has updated their Reditt post to indicate that the database is now offline.

I’m Chris Vickery. I know your phone number, address, date of birth, and more (if you’re registered to vote in the US).

I have recently downloaded voter registration records for 191 million Americans from a leaky database. I believe this is every registered voter in the entire country. To be very clear, this was not a hack.

The mysterious, insecure database is currently configured for public access. No password or other authentication is required at all. Anyone with an internet connection can grab all 300+ gigabytes.

We’re talking about first name, middle name, last name, home address, mailing address, phone number, date of birth, party affiliation, and logs of whether or not you voted in primary/general elections all the way back to 2000. I looked myself up in the Texas table. It’s accurate.

It is not known whether or not “high risk professionals” are included in this database. However, I have looked up several police officers in my city, and their data is indeed present.

I’ve been working with journalists and authorities for over a week to get this database shut down or secured. No luck so far.

CSO reports that while the database did not contain drivers license or Social Security numbers, it does contain a large amount of personal data.

The database contains a voter’s full name (first, middle, last), their home address, mailing address, a unique voter ID, state voter ID, gender, date of birth, date of registration, phone number, a yes/no field for if the number is on the national do-not-call list, political affiliation, and a detailed voting history since 2000. In addition, the database contains fields for voter prediction scores.

CSO goes on to say that much of the data is public record; however, states often charge money for the data and make those requesting the data confirm that they are using the data for political and non-commercial purposes.  With this data not being password protected, anyone could potentially gain access to in.

All voter information, except for a few elements protected by law in some states, is public record. For example, in Ohio, voter records are posted online. Other states make obtaining voter records a bit more challenging or outright expensive, but they’re still available. For the most part, voter data is restricted to non-commercial purposes.

While the data may be able to be requested by each state, unprotected data can get in the hands of people that could otherwise not qualify to get the data.  Recently, in Georgia, a more serious data handling issues occurred when over 6 million voter records that included drivers license and Social Security numbers were accidentally released to political parties by the Georgia Secretary of State’s office.

Photo Credit: georgejmclittle/ Dollar Photo Club