A poorly configured database exposing the personal information of over 191 million registered voters was reported Monday by an independent Internet watchdog web site.
The database, containing personal, public and some non-public information, is still exposed, according to the site DataBreaches.net. The site reported that so far, efforts to identify the owner of the prolific database have been unsuccessful.
Researcher Chris Vickery, an Austin-based tech specialist, reported the misconfigured database with 191,337,174 Americans’ voter information to DataBreaches.net on Dec. 20. The researcher said he was alarmed to find his own information, which he confirmed was entirely accurate, in the database.
"The alarming part is that the information is so concentrated," Vickery said in an interview with Reuters.
Though voter data is for the most part public information, compiling a list containing the information of all American voters would be costly and time-consuming. Vickery said he consulted a marketing firm, which said a database that large would cost about $270,000.
Criminals have been known to use such databases in financial schemes, and the recent DNC voter data breach scandal demonstrates how important voter data is as a political tool.
Though it contains no Social Security numbers, driver’s license numbers or financial information, the database does include full names, dates of birth, party affiliations, phone numbers and email addresses.
A preliminary investigation by Vickery and DataBreaches.net led them to reach out to NationBuilder, the online service of 3dna, Corp., to see if the database was one of their databases.
But Ben Handzo, Product Director at NationBuilder, reported back to DataBreaches.net that the IP address was not one of their IP addresses. Nor, he said, was it an IP address for any of the company’s hosted clients.