This will make life a lot easier for folks trying to steal tax refunds.
A massive cloud-hosted database containing personal information on nearly 200 million people in America was left wide open by consultants hired by the US Republican National Committee, it is claimed. Security firm UpGuard said the records of 198 million US voters, including dates of birth, addresses and phone numbers, were …
This will make life a lot easier for folks trying to steal tax refunds.
We expect Govt to regulate Data Protection, IoT, General-Privacy, Security etc... Who are we kidding... Govt is the weakest link in the Chain. Where's the 'Singularity-Meltdown-Doomsday-Clock' icon....
This should be a wake up call for anyone migrating. All it takes is one mistake by a contractor and chaos! Can't wait for GDPR, its going to be a bloodbath. Or will global Corps just ship data outside EU before leaking it?
"Can't wait for GDPR, its going to be a bloodbath."
Perhaps a wake up call to tell a few businesses that shifting everything overseas and into the cloud isn't actually the silver bullet they think it is.
No, Dumb as Shit and now Deep in Shit Analytics after this. This is what's wrong with America. No idiot should have access to this kind of data:
....."Sensitive personal details relating to almost 200 million US citizens have been accidentally exposed by a marketing firm: Birthdates, home addresses, telephone numbers and political views of nearly 62% of the entire US population, the data also contained citizens' suspected religious affiliations, ethnicities and political biases, such as where they stood on controversial topics like gun control, the right to abortion and stem cell research. "....
I wonder how you determine the stance of 200,000,000 individuals on controversial topics?
One more I'd like to see more information on: Some Democrats in the house all used the same individuals for IT Support and they seem to have been dodgy at best. A lot of questions there, and also a lot of stonewalling.
Wakey wakey Neo....
I guess this explains why nobody bothered hacking the RNC.
It was the Russians which didn't do it.
You're a bit behind the times Rich, it was the North Koreans who didn't do it, not the Russians.
Voter registration data in the US is already quasipublic - states won't give it out to all and sundry (for obvious reasons), but any organization with a legitimate interest in it - campaigns, advocacy groups, etc - can obtain it. Somewhere, I have a CD left over from an old project that contains my state's voter data from about 10 years ago. It has the obvious name and address info, but also lists what elections people have voted in (an indicator of political engagement) and some other interesting stuff.
The interesting bit here is the loss of the profiling data - anyone who wants the voter registration data probably has it already.
That's fine but they started tagging things onto it, some true, some not and now that's public.
Whether it can be considered sensitive is another matter but it's certainly embarrassing for the firms involved.
You didn't read the article did you. If it were ONLY voter info, that would be marginally less sloppy. But the data on each consisted of a short dossier including speculations by the analysts. There are some serious privacy issues tied to that.
Rhetorical Question: Would it be deemed as a "hack" if it was OPEN authentication (or open to the public)?
including one text file
Maybe it's just me but when I see news with a political slant I question the validity of it.
This now leads me to a question.
Deep Root Analytics appear to be a targeted "TV Advertising" company therefore what value is this data unless you can target specific adds at a specific person?
Maybe I'm wrong but it just doesn't make sense.
Missed the chance to edit but are we saying that a company purchased all the voter information from every state in America?
That seems a bit far fetched to me.
Far fetched? No, its easily done.
Gizmodo has a very long, very detailed article that answers pretty much every question posted here.
... for when someone leaks the UK Database that contains who everybody voted for in previous UK General Election.
Given that it is techically possible to do this, then they would have done it.
"Given that it is techically possible to do this, then they would have done it."
Given that it isn't technically possible, they wouldn't have.
It is possible, pay attention next time you cast a UK vote.
Why do you think there is a different number on each voting slip in the polling station?
Watch what the volunteer(s) write down.
Realise how there is a nice paper trail to each voter.
Sorry to burst your fantasy secret vote bubble, but (UK at least) it is possible to find your vote.
Since 1860 the numbers have been recorded to resolve any suspicion of voter fraud, but there have been instances in the past of, say, votes for Communists being traced and logged by MI5. Whether the state could and would find a way to trace and catalogue tens of millions of votes in the 366 days before the ballot papers have to be destroyed is another question.
Let's face it, Tory voters, you're probably safe from being investigated by MI5. Historically, though, every other political group of any durability has been under suspicion at one time or another. Well, except possibly the Monster Raving Loony Party.
Heh. This time I don't need to visit haveibeenpwned.com because the one time I actually registered to vote was just under 20 years ago and that probably makes me a terrorist.
I miss Fafblog.
Does anyone else find the NetApp ad eerily matching the context?
... in a storage instance that had been misconfigured to leave public access open
<ad> Millions of data points. A singular vision. NetApp. </ad>
Not the first time I've found that.
"Based on the information we have gathered thus far, we do not believe that our systems have been hacked," Deep Root Analytics' founder Alex Lundry
Because you left it open access you numpty!
I'm not sure what frightens me most, that he thinks that he can downplay the incident by saying they weren't "hacked" (scary word warning!!), or that he's right.
Yah. Calling yourselves 'Deep Root Analytics' and then making idiotic statements that show your analytical skills to be about as 'deep' as a thin-crust pizza, can't be good for business.
I don't care what anyone says:
Cloud Security = Oxymoron
If you want data to be secure - Step 1 - Don't post it on the internet!
And if you have some imagined reason that you need to; for the love of god, at least put a password on it!
Exactly. We warned about this 30 years ago by William Gibson. There is no excuse for anyone who thinks their data is secure in the cloud.
Ethnic profiling? Religious profiling? WTF! Everything is ready for the next segregation, the next internment camps.
Such a database would be highly illegal here, and rightly so:
The collection and processing of personal data that reveals, directly or indirectly, the racial and ethnic origins, the political, philosophical, religious opinions or trade union affiliation of persons, or which concern their health or sexual life, is prohibited.
@Potemkine! "Such a database would be highly illegal here, and rightly so"
Where is 'here', and what is their immigration policy?
Where is 'here'
The link points at www.cnil.fr so maybe it is France?
Damn crazy commie anti-bidness Frenchies!
But still, Google and Facebook get away with it.
Not anon, cause my people shove my contact info into these damned things all the time
NO to mention the page is IN French.
Deeply rooted is exactly what most of their victims will be once enough ID thieves and credit card scammers work through the list.
Lock them up....
Considering that Project ECHELON that links American and allied spy satellites has been recording private conversations for some time it is a safe bet that NSA has all this information. The question is did Obama use this information for his benefit? Seems we won't know for 5 years. He spirited the records of NSA activity during the campaign off to his Presidential library. That's why the Democrats seek desperately to convict Trump and associates on anything not related to "Russian collusion". Do the Democrats fear that Russia whom in all likelihood has the same information might give it to Trump? Thus a wedge must be formed. Could the mistake have been caused by an Obama plant? Enquiring minds want to know.
So in 5 years you'll be back on here apologizing if the release records turn up nothing of interest? Or by then you'll be arguing about something else to deflect attention. Common trick, used by snake oil salesmen and televangelists everywhere...
Simply deplorable. I have no words. I wonder what could trump such a leak?
Name says it all.
My personal info was posted, including my unlisted number that was not given to voter registration. And it's all still out there, research of the domain name still says Amazon is hosting. After a couple of days on the phone, I could not get my unlisted number removed. Since this has been out there, I've been hit hard with several phone scams. Will it ever be removed?
Biting the hand that feeds IT © 1998–2018