Data on 1.8M Chicago voters exposed

Data on 1.8M Chicago voters exposed
© Getty Images

An election systems company accidentally left personal information on what appeared to be nearly 2 million current and former Chicago voters online without any form of security.

The 1.8 million records, voter names, addresses, phone numbers, drivers license numbers, party affiliations, dates of birth and partial Social Security numbers were in an Amazon cloud account owned by Nebraska-based voting machine firm Election Systems & Software (ES&S) that the company had configured to allow public access.

ADVERTISEMENT

Researchers at the security company UpGuard, Director of Strategy Jon Hendren and Director of Cyber Risk Research Chris Vickery, made the discovery on Friday last week. They notified the city of Chicago and ES&S. A corporate blog from UpGuard announcing the find Thursday praised both for quickly responding to the problem.

Misconfigured cloud services are a common security problem. Anyone who knew the web address would have access to the files. 

Though Hendren made the initial discovery, Vickery is well known for sifting through public cloud accounts to find these kinds of misconfigured accounts. Previously, he discovered a database of 198 million voters compiled by a conservative campaign contractor, a commercial database of potential terrorists, and sensitive information on military projects.