Attacks/Breaches

7/24/2017
05:00 PM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Voter Registration Data from 9 States Available for Sale on Dark Web

Nearly 10 million voter records sold for just $4 over last few days, according to LookingGlass Cyber Solutions.

Threat intelligence company LookingGlass Cyber Solutions says it has discovered over 40 million voter records from nine different states being traded in an underground forum for stolen credit card data and login credentials.

The voter records being offered for sale include the voter's full first, last and middle name, voter ID, birthdate, voter status, party affiliation, residential address and other details. The data belongs to voters in Arkansas, Colorado, Connecticut, Delaware, Florida, Michigan, Ohio, Oklahoma and Washington State.

Over the last two days, voter databases from at least two of the states—Arkansas and Ohio—were sold for a mere $2 each, or a total of $4 for almost 10 million voter records. That suggests financial gain is not the primary reason for the activity, according to LookingGlass.

'Logan,' the individual who has advertised the data and is selling it on a site called RaidForums, has hinted at possessing voter records for an additional 20 to 25 states, says Jonathan Tomek, director of threat research at LookingGlass Cyber Solutions.

Logan appears to have obtained the voter information through Freedom of Information Act (FOIA) requests, website requests, and also through social engineering them from states where an entity would otherwise be required to purchase the information, he says.

What makes his activities additionally illegal is his attempt to sell the data for purposes other than political purposes, he noted. Many states prohibit the republishing of voter data or the use of it for commercial purposes. Violators can face fine and prison terms of up to five years.

"Logan is not affiliated with any group to our knowledge," Tomek says. "We believe he is acting alone. I can say he is over 18, travels a bit internationally, and works for a cybersecurity company," he says.

Tomek says LookingGlass does not have information on how many people might have purchased the voter information or what they might do with it. "We do know he is actively trading this information for other stolen items such as credit cards and login credentials," he says. "The combination of the voter information plus the other data has potential to be very bad since the voter data contains birthday, home address, email, and full name."

News of the sale of millions voter records in an underground cyber forum comes amid an ongoing controversy over the Trump Administration's push to get publicly available voter registration records from each state in connection with an inquiry into potential voter fraud in last year's general elections.  A Trump appointed election integrity commission in fact met for the first time just last Wednesday to discuss next steps into the matter.

A total of 24 states have so far complied with the Trump Administration's request for voter data. But the District of Columbia and 17 states have so far refused to hand over the data. Some groups like the American Civil Liberties Union (ACLU) have sued the Trump election commission citing voter suppression fears.

The Help America Vote Act (HAVA) currently requires all 50 states to maintain a central voter file in electronic format. The content and availability of the data in these files varies dramatically by state, as can be seen in this U.S. Election Project interactive map maintained by the University of Florida, Gainesville.

Some states make all the information they have in their voter files available to those eligible to view or purchase the data. Others withhold certain information like the voter's Social Security Number, date of birth and driver's license number. As PBS noted in a report last week, 19 states consider an individual's full birth date to be part of the public record, while a voter's race and party affiliation is considered public information in six states and 32 states respectively.

Currently, only the registered parties, political committee and a candidate or their committee registered in all areas can purchase all available statewide voter data, according to the US Elections Project website. The total cost for a US citizen to purchase all available voter registration data for all states is around $126,500. Politically oriented non-profits, candidates, parties and their committee would pay around $136,000.

Related content:

 

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Mozilla, Internet Society and Others Pressure Retailers to Demand Secure IoT Products
Curtis Franklin Jr., Senior Editor at Dark Reading,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3812
PUBLISHED: 2019-02-19
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.
CVE-2019-8933
PUBLISHED: 2019-02-19
In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory (without being blocked by the Web Application Firewall), and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template Management, clicking on ...
CVE-2019-7629
PUBLISHED: 2019-02-18
Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by sending a long message to the client.
CVE-2019-8919
PUBLISHED: 2019-02-18
The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
CVE-2019-8917
PUBLISHED: 2019-02-18
SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method may b...