Researchers from Anomali and Intel 471 say they have discovered 23 million US voter records for sale in a Dark Web hacking forum – including personal and voting history information. 

The seller of the voter registration databases from 19 different states also advertises that weekly updates of the data come from contacts within state governments. "Certain states require the seller to personally travel to locations in-state to receive the updated voter information. This suggests the information disclosure is not necessarily a technical compromise but rather a likely targeted campaign by a threat actor redistributing possibly legitimately obtained voter data for malicious purposes on a cybercrime forum," Anomali said in a detailed report on the sale.

While some US voter registration information is available for purchase by legal means and specifically only to political campaigns, journalists, and academic researchers, an underground sale is not a legitimate or legal operation, according to the researchers.

"With the November 2018 midterm elections only four weeks away, the availability and currency of the voter records, if combined with other breached data, could be used by malicious actors to disrupt the electoral process or pursue large scale identity theft," said Hugh Njemanze, chief executive officer of Anomali. 

Read the full report here.

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Recommended Reading: