back to article US voter info stored on wide-open cloud box, thanks to bungling Republican contractor

A massive cloud-hosted database containing personal information on nearly 200 million people in America was left wide open by consultants hired by the US Republican National Committee, it is claimed. Security firm UpGuard said the records of 198 million US voters, including dates of birth, addresses and phone numbers, were …

  1. elDog

    Hey, don't blame the repuglicans - they're new at acting responsible

    Paul Ryan (the US Speaker of the House) just recently tried to justify tRump's activities by indicating that their fearless leader was just learning the ropes.

    Why would the RNC hire someone who know WTF they were doing?

    For once, I don't think this is based on malevolence - just incompetence. OK, not for once - many, many times it's one or both.

    1. BillG
      Joke

      Hillary

      Meanwhile, all the data mysteriously ended up on Hillary's email server.

      1. Version 1.0 Silver badge

        Re: Hillary

        You think the FBI will investigate this too?

        1. SolidSquid

          Re: Hillary

          They already decided Hillary wasn't guilty of anything, so why would they continue with this investigation when they've already made their decision?

          1. Bucky 2

            Re: Hillary

            They already decided Hillary wasn't guilty of anything, so why would they continue with this investigation when they've already made their decision?

            I think the GOP thought they could control Trump. It is possible that they do. His antics make for good TV, and should be pretty effective in hiding subtler mechanizations.

            Even if they don't, Trump is their dude. They have to continue hating Clinton. If they stop, they would have to accept that Clinton would have been better for the nation, and quite possibly, even healthier for the GOP itself.

            1. codejunky Silver badge

              Re: Hillary

              @ Bucky 2

              "They have to continue hating Clinton. If they stop, they would have to accept that Clinton would have been better for the nation"

              Thats a large leap. The republicans were mocked for offering a 'clown car' of candidates while the democrats dictated Hillary would win and anyone not voting the way they dictate must be *insert insults*. I dont care how good anyone thinks a candidate is that is not how an election should be run. Hopefully next election the democrats will offer choice instead of an extremist (to make Hillary look normal), Hillary and 3 seat fillers.

              1. Rattus Rattus

                Re: "Extremists"

                Which particular extremist were you referring to? Ted Cruz? Marco Rubio? If you were referring to Bernie Sanders, I should remind you that his views were actually pretty centrist. In fact he could have been any NuLabour candidate, and he wouldn't have been too far out of place even among the Tories.

                1. codejunky Silver badge

                  Re: "Extremists"

                  @ Rattus Rattus

                  "If you were referring to Bernie Sanders, I should remind you that his views were actually pretty centrist. In fact he could have been any NuLabour candidate, and he wouldn't have been too far out of place even among the Tories."

                  I was referring to Bernie (as I was referring to only the democrats) who in the US where he was trying to get elected is an extremist. That doesnt mean he is evil or that you must disagree with him, but he was certainly an extremist. His views were entirely different to how the US has and does work. There is nothing wrong with being an extremist politically and it can add to the debate. And we all know Bernie and Corbyn were added to their respected parties 'electables' to make the preferred candidates look better.

                  The reason you give for claiming he is centrist is because you compare him to labour and tories who are in the UK not the US. You might as well compare him to China's leadership, Russia or N Korea or any country in the world. It doesnt matter, he was running in the US and his views were pretty extreme.

                  If we want to look at the Republicans I was a fan of Rand Paul who was extremist as he was a libertarian while everyone else on both parties was authoritarian.

    2. Marshalltown

      Re: Hey, don't blame the repuglicans - they're new at acting responsible

      According to the story, Deep Root Analytics is a "Republican" firm. Their webpage is most impressive in what it doesn't say and the manner in which it redefines "audience." So, yes, Republicans are to blame. And given the obvious behaviour of DT, quite plainly "responsibility" in far-right mores has a special place too.

  2. DougS Silver badge

    200 million people in the DB?

    That means it was the full list of ALL registered voters in the whole US. Nice.

    Oh well, not like my name, address and DOB aren't out there already. Good thing they didn't have SSNs, or all hell would break loose!

    At 1.1 TB, the database has over 5K per voter....that's more than just what was listed in the article. I wonder what else is in there? Perhaps some proprietary RNC data about donation history, frequency of contact, etc.?

    1. HandleAlreadyTaken

      Re: 200 million people in the DB?

      From a BBC article: [The data contained] "citizens' suspected religious affiliations, ethnicities and political biases, such as where they stood on controversial topics like gun control, the right to abortion and stem cell research"

      1. vir

        Re: 200 million people in the DB?

        Each entry is a small .jpg of a printout.

        1. Marshalltown

          Re: 200 million people in the DB?

          "Each entry is a small .jpg of a printout."

          Not likely. Jpegs would be analytically useless without conversion to actual data. It would mean the contractor was even more stupid than it already looks like. Though, perhaps the company was really owned by Trump.

      2. Flywheel Silver badge

        Re: 200 million people in the DB?

        [The data contained] "citizens' suspected religious affiliations, ethnicities and political biases

        "suspected"? Wow, what a lot of room for error. What could possibly go wrong?

      3. Anonymous Coward
        Anonymous Coward

        Re: 200 million people in the DB?

        From a BBC article: [The data contained] "citizens' suspected religious affiliations, ethnicities and political biases, such as where they stood on controversial topics like gun control, the right to abortion and stem cell research"

        What about their views on the subject of data protection and online privacy? Probably a moot point now.

    2. Marshalltown

      Re: 200 million people in the DB?

      What's interesting is that it appears to indicate that the "reds" have dossiers not just on their voters but also on democrats and independents and probably the hens in the barn. So, presumably we're looking at politics in the US an information warfare situation. Presumably the democrats are similarly well equipped.

      1. Gnosis_Carmot

        Re: 200 million people in the DB?

        I'm sure the Democrats have it too. It would be naive to think otherwise.

    3. Anonymous Coward
      Anonymous Coward

      Re: 200 million people in the DB?

      ref. I wonder what else is in there?

      cat videos

      p.s. so what do they have on Trump? Can I look it up?! :D

    4. John Brown (no body) Silver badge

      Re: 200 million people in the DB?

      "At 1.1 TB, the database has over 5K per voter....that's more than just what was listed in the article."

      According to the BBC article, it was spreadsheets. Excel overhead? Was it even a database or just a few immense spreadsheets? Or was it a database with reports produced in spreadsheet form all in one big trove?

      1. Marshalltown

        Re: 200 million people in the DB?

        Excel is THE classical program to misuse as a DBMS. My most common task when it comes to computers is explaining users why their "database" choked and has started giving them nonsense results, or shall I say results they finally recognized as nonsense. Loads of people "who have better things to do" jump into "databases" using Excel. After all, it counts, it sums, it has statistical routines. . I usally spend loads of time "sane-ifying" their data into useful, analyzable computer chow. Quite often they are shocked to discover that "all this time" what ever they thought their data was telling them was wrong. I get their data converted over to a DBMS, usually Access, which is pretty decent for a MS product, and then get called back several times before the differences between a spreadsheet and a DBMS finally sink in.

    5. fobobob

      Re: 200 million people in the DB?

      Since spreadsheets were mentioned... perhaps they used some crap-o spreadsheet template that still contains several megabytes of vestigial cruft that someone forgot to clean up? I get these all the time at work, 5+MB spreadsheet with one useful page, no formulae.. and like 5 disused pages of trash because someone couldn't be arsed to just make a new workbook.

      1. Androgynous Cupboard Silver badge

        Re: 200 million people in the DB?

        All the answers to your questions, and more besides, are in the article on upguard.com linked to from the original article. It's a very, very interesting read.

        Link here if you're too damn lazy too look for it yourself.

  3. DougS Silver badge

    Data mining?

    It would be interesting to match the names and DOBs to try to locate people registered in more than one state. I've long believed that the real voter fraud in the US isn't illegals voting, or people voting the names of the deceased, but people who have residences in two states voting in both. Especially since the number one "snowbird" state, Florida, is a swing state.

    You'd need other sources to confirm that the John Smith born on 1/1/1970 living in Milwaukee is the same John Smith born on 1/1/1970 living in Orlando, but such a list would be a very good starting point.

    Fortunately the only guaranteed fix for the problem - using SSNs - wasn't implemented or this list would include them.

    1. This post has been deleted by its author

      1. mr_souter_Working

        Re: Data mining?

        where did you learn basic maths?

        John Smith - born in 1970

        current year - 2017

        (2017 - 1970) is how many years again?

        that's right - it's 47 years.

    2. Version 1.0 Silver badge

      Re: Data mining?

      " the real voter fraud in the US" - is that fact that you always have to vote for the lesser of two evils.

      The best way to swing an election in the US is to simply remove people from the voting rolls based on ethnicity and voting history - the RNC have been doing this for years in many states using the type of information that this database contained.

      1. dbtx Bronze badge
        Facepalm

        Re: Data mining?

        "...you always have to..."

        No, you don't.

      2. Gnosis_Carmot

        Re: Data mining?

        "The best way to swing an election in the US is to simply remove people from the voting rolls based on ethnicity and voting history"

        Conversely you can leave names on the rolls of the deceased and people who moved away. The first election after my father died I found out, since we shared the same name, that someone had voted as him. I notified the poll workers that ballot should be voided as my father was deceased.

    3. Kernel Silver badge

      Re: Data mining?

      "Fortunately the only guaranteed fix for the problem - using SSNs - wasn't implemented or this list would include them."

      Not a US citizen (and have no desire to even visit, much less become one), but I seem to recall reading once that the legislation that introduced SSNs specifically barred them from being used as proof of identity.

      1. Anonymous Coward
        Anonymous Coward

        "recall reading legislation ... SSNs specifically barred ... as proof of identity."

        Why the U.S. Can’t Kick Its Addiction to Social Security Numbers

        https://www.bloomberg.com/news/articles/2017-06-01/identity-theft-feeds-on-social-security-numbers-run-amok

      2. Mark 85 Silver badge

        @Kernel -- Re: Data mining?

        What you say is true but it's almost universally ignored. Kind of like speed limits on the roads.

      3. ecofeco Silver badge

        Re: Data mining?

        but I seem to recall reading once that the legislation that introduced SSNs specifically barred them from being used as proof of identity.

        It was made law and then eventually ignored.

    4. Tim99 Silver badge
      Joke

      Re: Data mining?

      To confirm their general incompetence, the GOP contractor initially copied an old DB schema onto a Linux cloud server, but had probably not heard of Unix/epoch time. The concept of null would have been beyond them, so they put a default of zero in the DOB field. Then after the database was initially set up, someone else said "We can't use this freetard system, you must upgrade to a real Windows system". The said contractor then looked for a data conversion tool, which replaced all of the zeros with the valid 1/1/1970 value...

    5. Marshalltown

      Re: Data mining?

      SSNs are not a guaranteed fix. When my dad retired he had to through numerous hoops because someone else had been using his SSN in a different part of the state. You very rarely need to present your Social Security Card.

      1. DougS Silver badge

        Re: Data mining?

        The number of people using the same SSN and having the same name would be very limited. If found, it would point to a different type of fraud that would also be desirable to excise from the system.

        As for rarely needing to present a SS card, that's definitely true. I lost mine as a teenager, but have gotten along just fine without it.

        1. Stevie Silver badge

          Re: If found, it would point to a different type of fraud

          Not necessarily.

          In the pre-internet age it wasn't impossible for two people to be issued the same SSN because of paperwork latencies.

          I know this for a fact.

          At age 50 it should become apparent when the reports from the SSA start being sent out.

          Innocent until proven guilty. Even when it comes to duplicate SSNs.

    6. Naselus

      Re: Data mining?

      "I've long believed that the real voter fraud in the US isn't illegals voting, or people voting the names of the deceased, but people who have residences in two states voting in both."

      Except even instances of that are probably minuscule. Actual confirmed instances of voter fraud in the USA are something like 50 cases in the last 25 years. And most of those proved to be accidental - people voting without realizing they weren't registered.

      The simple truth is that the US does not really have a voter fraud problem of any kind; it's just a tired excuse for the GOP to try and make it harder for democrats to vote.

      1. Anonymous Coward
        Anonymous Coward

        Re: 50 cases in the last 25 years

        "Actual confirmed instances of voter fraud in the USA are something like 50 cases in the last 25 years."

        That number sounds incredibly low. If it's accurate, then it surely reflects poor detection rather than the actual level of fraud.

        1. Anonymous Coward
          Anonymous Coward

          Re: 50 cases in the last 25 years

          "That number sounds incredibly low. If it's accurate, then it surely reflects poor detection rather than the actual level of fraud."

          The GOP has had a pretty massive effort of voter fraud detection in order to try and justify their position. They've been training volunteer poll observers for a decade or more. They'd LOVE to uncover concrete examples of in person voter fraud to justify their push for things like requiring IDs. So far, they've been unsuccessful.

          Heck, it's hard enough to convince people to vote *once* in any given US election, let alone many times.

          1. Anonymous Coward
            Anonymous Coward

            Re: 50 cases in the last 25 years

            Knowing that it's happening and being able to actually identify perpetrators are two very different things.

            But you don't need to identify specific cases to know that an average of 2 cases of electoral fraud a year doesn't reflect reality. Just compare to other first-world democracies. Here are some figures from Australia:

            http://www.aph.gov.au/~/media/05%20About%20Parliament/54%20Parliamentary%20Depts/544%20Parliamentary%20Library/Research%20Papers/2014-15/VoterID-1.gif?la=en

            The number of people admitting to multiple voting doesn't vary that much from year to year, but the numbers referred to the police and the numbers referred by the police to the courts fluctuate wildly. The obvious conclusion is that the number of prosecutions for electoral fraud is more dependent on official policies and procedures, or on the resources allocated to dealing with it, than on the actual level of fraud.

            Confirmed cases of electoral fraud in the UK are also several times more frequent than the claimed American level, with an electorate several times smaller. The UK Electoral Commission has some good statistics on it.

            1. Naselus

              Re: 50 cases in the last 25 years

              "Confirmed cases of electoral fraud in the UK are also several times more frequent than the claimed American level, with an electorate several times smaller. The UK Electoral Commission has some good statistics on it."

              The statistics which show actual voter fraud by voters trying to vote multiple times is effectively zero? There's about 70 cases a year in the UK of people signing up to vote who are not permitted to do so; this is usually EU nationals living in the UK who are not aware that they aren't allowed to vote. That's about one person per million population.

              Again, this is not a real problem and it has basically no impact on results, which is why Republicans are really, really hot on the issue until someone actually suggests an official investigation, which will come back reporting that it's not an issue and recommending that the voter suppression laws the GOP are constantly pushing for are dropped. This is not even a controversial point; Republican politicians have publicly admitted that this is what they're doing (in order to prove they're not attempting to disenfranchise people based on race, they said they were doing it to disenfranchise Democrats instead).

              1. Anonymous Coward
                Anonymous Coward

                Re: 50 cases in the last 25 years

                "The statistics which show actual voter fraud by voters trying to vote multiple times is effectively zero?"

                The statistics show there are around half a dozen convictions or cautions for "Personation/legal incapacity to vote/multiple voting" per year. Relative to the size of the electorate, that's an order of magnitude more than the claimed level for the USA. Are American voters so much more honest, or are American elections so much more resistant to fraud?

                Read the Electoral Commission's example summaries of the convictions/cautions. The impersonation/multiple voting cases are all detected by polling station staff who happened to recognise someone who had already been in earlier in the day. If that's what you're relying on, then it's pretty clear you're only catching a fraction of the people who are using someone else's vote. If Britain is only catching a fraction of fraudulent voters, then the USA, with apparently a 15x lower level of fraud, is definitely not detecting all cases. And frankly none of us have any idea how many cases are not being detected.

        2. Naselus

          Re: 50 cases in the last 25 years

          "That number sounds incredibly low. If it's accurate, then it surely reflects poor detection rather than the actual level of fraud."

          Not really. The fact is, if you wanted to swing an election, then in-person voter fraud is the least effective and efficient way you could possibly do it. You spend several hours driving to a different polling station, queuing up again, pretend to be someone else, and Bam! you've successfully added a single vote to the total for all that effort. Even if you spent all day doing it, you're personally going to manage what, 10 extra votes in an electorate of 120 million? For the risk, there's no reward.

          It's a bit like the number of bank robberies where the culprit asks them to set up a new bank account using his own name and social security number and transfer all the money into it are very, very low - not because we have trouble detecting that kind of crime, but because it's not a crime people would actually perform.

        3. Marshalltown

          Re: 50 cases in the last 25 years

          "... it surely reflects poor detection rather than the actual level of fraud."

          Not necessarily. Fraudulent voting would mean much more in local elections than in national elections. With the exception - possibly - of California, the states with the highest numbers of "illegals" all voted for Trump. By and large, they have better things to with their time than trying to alter an election outcome. Beside which, when you look at the demographics of the 2016 election, it appears that "liberal" - in the US sense - basically stayed home or refused to vote for Clinton. Not getting Bernie, they apparently said "**** it" and either didn't vote for president or didn't vote at all. Also, as the Democratic campaign demonstrated, it is far easier to rig voting rules in the primaries than in the actual election. The Dems did precisely that and lost. Apparently, the Republicans were nearly as bad. I know many and less than half will admit casting a vote for president. They walked into the polls, voted on the issues that were important to them, but could not choke down voting for Trump or crossing party lines and voting for Clinton.

          Fraudulent votes are important in things like city council elections, venues where the out comes are of trivial significance except locally.

      2. Anonymous Coward
        Anonymous Coward

        Voter Fraud

        It really comes down to how you define and enumerate the fraud.

        In the last Federal election the recounts revealed that there were SEVERAL precincts in Detroit Michigan that had more votes registered for a single candidate than the entire population of registered voters in that precinct.

        Obviously common sense tells us that foul play was involved, as the precinct chairmen reporting the vote totals are going to know how many voters they have in their districts, and while you might be able to blame a single precinct as an single anomaly, when there are multiple precincts in a small geographic area with the same anomaly you have clear evidence of coordinated fraud.

        So, that fact that voter fraud was involved is a given.

        The question then comes down to whether each illegal vote is a instance of fraud, each precinct, each district, each state, etc.

        Note that I am not blaming or naming one political party over the other - this type of low-level grassroots fraud can occur in any party without the knowledge or participation of party leadership. The fraud also did not affect the outcome of the election, as the ratio of fraudulent votes as compared to the legitimate ones is so wide that it is statistically insignificant.

        Now where I WILL name parties is that trying to say that it is just The Republican Party and not the Democrat Party is either disinformation or willful ignorance. One of my former clients lived in Chicago where as a small boy one of his jobs was to sit inside the election booth and pull the lever for Democrat candidates every time he saw the lever for a Republican candidate move, so that the Democrats would always have more votes. It would not surprise me to find out that Republicans did the same types of things in other precincts.

        Additionally, the repeated claim that requiring a voter to provide identification is an attempt to suppress votes is clearly ridiculous. In this country you cannot get a job, open bank account, get a cellular phone, cash a check, or purchase something with anything other than cash without some sort of identification. The ONLY reason to continue to fight "voter id" laws is to enable and promote fraud. A significant percentage of the states have had voter id laws for decades or more, and I only see one political party fighting them in states where they don't already exist.

        1. Hawkeye Pierce

          Re: Voter Fraud

          Wow you must have some significant inside information given that the state audit into the discrepancy found no evidence of persuasive voter fraud and that human error and possibly machine error was the main cause.

          So no, common sense does not tell us that foul play was involved.

          1. Anonymous Coward
            Anonymous Coward

            Re: Voter Fraud

            If you are in charge of a voting station, you know how many people are registered to vote in your precinct. For you to turn in numbers higher than that without noticing is not going to happen - for multiple people to do it in the same area requires coordination.

            For a political investigation to find "no evidence" isn't at all uncommon as they only find what they want to find - however in this case there is evidence, just not proof of who all was involved.

            It didn't change the outcome so there are no actual damages, and no investigator is interested in digging too far lest they actually uncover something that someone in power doesn't want uncovered, but the end result is that from now until the end of time every election in those districts is going to be held under a spotlight and magnifying glass ensuring that "whatever happened" doesn't happen again -- and THAT is perceived to be a sufficient remedy.

          2. Anonymous Coward
            Anonymous Coward

            Re: Voter Fraud

            Actually, the audit found absolutely NO evidence of machine error, attributed EVERYTHING to human error, but blamed training and not coordinated fraud.

    7. Gnosis_Carmot

      Re: Data mining?

      It was common when I was in college in the 90s for both the Democrat and the Republican party people to tell to college students they could vote at both their home address and at their college address.

      What they always left out was that only applied to local elections. National level the students had to pick one.

    8. Richard Plinston Silver badge

      Re: Data mining?

      > match the names and DOBs to try to locate people registered in more than one state.

      Apparently, there are 3 million registered in more than one state mainly because people move and even if they tell the old state they have gone the cleanup of the rolls is not done. This was the basis that Trump claimed, without any evidence at all, that all 3million voted democrat twice.

      Among that 3 million were Tiffany Trump and Steve Bannon.

  4. Gene Cash Silver badge

    Tax fraud

    This will make life a lot easier for folks trying to steal tax refunds.

  5. Anonymous Coward
    Anonymous Coward

    From the US to the EU ... Red or Blue ...

    We expect Govt to regulate Data Protection, IoT, General-Privacy, Security etc... Who are we kidding... Govt is the weakest link in the Chain. Where's the 'Singularity-Meltdown-Doomsday-Clock' icon....

    http://www.irishtimes.com/business/technology/government-continues-data-sharing-projects-despite-eu-ruling-1.2896362

  6. Anonymous Coward
    Anonymous Coward

    CloudFog

    This should be a wake up call for anyone migrating. All it takes is one mistake by a contractor and chaos! Can't wait for GDPR, its going to be a bloodbath. Or will global Corps just ship data outside EU before leaking it?

    1. Wensleydale Cheese

      GDPR a bloodbath?

      "Can't wait for GDPR, its going to be a bloodbath."

      Perhaps a wake up call to tell a few businesses that shifting everything overseas and into the cloud isn't actually the silver bullet they think it is.

  7. Anonymous Coward
    Anonymous Coward

    Deep Root Analytics???

    No, Dumb as Shit and now Deep in Shit Analytics after this. This is what's wrong with America. No idiot should have access to this kind of data:

    http://www.bbc.co.uk/news/technology-40331215

    ....."Sensitive personal details relating to almost 200 million US citizens have been accidentally exposed by a marketing firm: Birthdates, home addresses, telephone numbers and political views of nearly 62% of the entire US population, the data also contained citizens' suspected religious affiliations, ethnicities and political biases, such as where they stood on controversial topics like gun control, the right to abortion and stem cell research. "....

  8. Anonymous Coward
    Anonymous Coward

    One More

    I wonder how you determine the stance of 200,000,000 individuals on controversial topics?

    One more I'd like to see more information on: Some Democrats in the house all used the same individuals for IT Support and they seem to have been dodgy at best. A lot of questions there, and also a lot of stonewalling.

    1. Anonymous Coward
      Anonymous Coward

      "wonder how you determine the stance of 200,000,000 individuals on controversial topics?"

      Wakey wakey Neo....

      https://www.theguardian.com/politics/2017/feb/26/robert-mercer-breitbart-war-on-media-steve-bannon-donald-trump-nigel-farage

      ===========================

      http://www.faz.net/aktuell/feuilleton/debatten/the-digital-debate/shoshana-zuboff-secrets-of-surveillance-capitalism-14103616.html

      https://www.theguardian.com/commentisfree/2016/may/01/profits-perils-drilling-data-oil-surveillance-online-information

      https://www.theguardian.com/technology/2017/may/02/facebook-executive-advertising-data-comment

      http://money.cnn.com/2014/06/30/technology/facebook-mood-experiment/index.html

  9. Anonymous Coward
    Anonymous Coward

    I guess this explains why nobody bothered hacking the RNC.

    1. Rich 11 Silver badge

      It was the Russians which didn't do it.

      1. Alister Silver badge

        You're a bit behind the times Rich, it was the North Koreans who didn't do it, not the Russians.

  10. NullReference Exception

    Voter registration data is not confidential

    Voter registration data in the US is already quasipublic - states won't give it out to all and sundry (for obvious reasons), but any organization with a legitimate interest in it - campaigns, advocacy groups, etc - can obtain it. Somewhere, I have a CD left over from an old project that contains my state's voter data from about 10 years ago. It has the obvious name and address info, but also lists what elections people have voted in (an indicator of political engagement) and some other interesting stuff.

    The interesting bit here is the loss of the profiling data - anyone who wants the voter registration data probably has it already.

    1. Halfmad Silver badge

      Re: Voter registration data is not confidential

      That's fine but they started tagging things onto it, some true, some not and now that's public.

      Whether it can be considered sensitive is another matter but it's certainly embarrassing for the firms involved.

    2. Marshalltown

      Re: Voter registration data is not confidential

      You didn't read the article did you. If it were ONLY voter info, that would be marginally less sloppy. But the data on each consisted of a short dossier including speculations by the analysts. There are some serious privacy issues tied to that.

  11. sanmigueelbeer Silver badge
    FAIL

    Would it be a hack

    Rhetorical Question: Would it be deemed as a "hack" if it was OPEN authentication (or open to the public)?

  12. ggray

    The parent website

    https://www.upguard.com/breaches/the-rnc-files

    including one text file

  13. Anonymous Coward
    Anonymous Coward

    Maybe it's just me but when I see news with a political slant I question the validity of it.

    This now leads me to a question.

    Deep Root Analytics appear to be a targeted "TV Advertising" company therefore what value is this data unless you can target specific adds at a specific person?

    Maybe I'm wrong but it just doesn't make sense.

    1. Anonymous Coward
      Anonymous Coward

      Missed the chance to edit but are we saying that a company purchased all the voter information from every state in America?

      That seems a bit far fetched to me.

      1. ecofeco Silver badge

        Far fetched? No, its easily done.

  14. Barry Rueger

    Gizmodo

    Gizmodo has a very long, very detailed article that answers pretty much every question posted here.

    http://gizmodo.com/gop-data-firm-accidentally-leaks-personal-details-of-ne-1796211612

  15. Anonymous Coward
    Anonymous Coward

    I'm waiting ...

    ... for when someone leaks the UK Database that contains who everybody voted for in previous UK General Election.

    Given that it is techically possible to do this, then they would have done it.

    1. Naselus

      Re: I'm waiting ...

      "Given that it is techically possible to do this, then they would have done it."

      Given that it isn't technically possible, they wouldn't have.

      1. tiggity Silver badge

        Re: I'm waiting ...

        It is possible, pay attention next time you cast a UK vote.

        Why do you think there is a different number on each voting slip in the polling station?

        Watch what the volunteer(s) write down.

        Realise how there is a nice paper trail to each voter.

        Sorry to burst your fantasy secret vote bubble, but (UK at least) it is possible to find your vote.

        1. Rich 11 Silver badge

          Re: I'm waiting ...

          Since 1860 the numbers have been recorded to resolve any suspicion of voter fraud, but there have been instances in the past of, say, votes for Communists being traced and logged by MI5. Whether the state could and would find a way to trace and catalogue tens of millions of votes in the 366 days before the ballot papers have to be destroyed is another question.

          Let's face it, Tory voters, you're probably safe from being investigated by MI5. Historically, though, every other political group of any durability has been under suspicion at one time or another. Well, except possibly the Monster Raving Loony Party.

  16. dbtx Bronze badge

    Heh. This time I don't need to visit haveibeenpwned.com because the one time I actually registered to vote was just under 20 years ago and that probably makes me a terrorist.

    I miss Fafblog.

  17. Sebastian Brosig
    Black Helicopters

    Data mining & El Reg's ad customers

    Does anyone else find the NetApp ad eerily matching the context?

    ... in a storage instance that had been misconfigured to leave public access open

    <ad> Millions of data points. A singular vision. NetApp. </ad>

    Not the first time I've found that.

  18. Allan George Dyer Silver badge
    Facepalm

    Quote of the week proposal:

    "Based on the information we have gathered thus far, we do not believe that our systems have been hacked," Deep Root Analytics' founder Alex Lundry

    Because you left it open access you numpty!

    I'm not sure what frightens me most, that he thinks that he can downplay the incident by saying they weren't "hacked" (scary word warning!!), or that he's right.

    1. B0rg

      Re: Quote of the week proposal:

      Yah. Calling yourselves 'Deep Root Analytics' and then making idiotic statements that show your analytical skills to be about as 'deep' as a thin-crust pizza, can't be good for business.

  19. Anonymous Coward
    Anonymous Coward

    I don't care what anyone says:

    Cloud Security = Oxymoron

    If you want data to be secure - Step 1 - Don't post it on the internet!

    And if you have some imagined reason that you need to; for the love of god, at least put a password on it!

    1. ecofeco Silver badge
      Alert

      Exactly. We warned about this 30 years ago by William Gibson. There is no excuse for anyone who thinks their data is secure in the cloud.

  20. Potemkine! Silver badge

    Police State

    Ethnic profiling? Religious profiling? WTF! Everything is ready for the next segregation, the next internment camps.

    Such a database would be highly illegal here, and rightly so:

    The collection and processing of personal data that reveals, directly or indirectly, the racial and ethnic origins, the political, philosophical, religious opinions or trade union affiliation of persons, or which concern their health or sexual life, is prohibited.

    1. druck Silver badge

      Re: Police State

      @Potemkine! "Such a database would be highly illegal here, and rightly so"

      Where is 'here', and what is their immigration policy?

      1. Alister Silver badge

        Re: Police State

        Where is 'here'

        The link points at www.cnil.fr so maybe it is France?

        1. Marshalltown

          Re: Police State

          NO to mention the page is IN French.

    2. ecofeco Silver badge
      Thumb Up

      Re: Police State

      Damn crazy commie anti-bidness Frenchies!

      Oh wait...

    3. Paul 129

      Re: Police State

      But still, Google and Facebook get away with it.

      :-/

      Not anon, cause my people shove my contact info into these damned things all the time

  21. John Smith 19 Gold badge
    Unhappy

    " Deep Root Analytics"

    Deeply rooted is exactly what most of their victims will be once enough ID thieves and credit card scammers work through the list.

  22. Anonymous Coward
    Anonymous Coward

    Lock them up....

  23. dncnvncd

    Considering that Project ECHELON that links American and allied spy satellites has been recording private conversations for some time it is a safe bet that NSA has all this information. The question is did Obama use this information for his benefit? Seems we won't know for 5 years. He spirited the records of NSA activity during the campaign off to his Presidential library. That's why the Democrats seek desperately to convict Trump and associates on anything not related to "Russian collusion". Do the Democrats fear that Russia whom in all likelihood has the same information might give it to Trump? Thus a wedge must be formed. Could the mistake have been caused by an Obama plant? Enquiring minds want to know.

    1. Anonymous Coward
      Anonymous Coward

      'Bama wire tapping

      So in 5 years you'll be back on here apologizing if the release records turn up nothing of interest? Or by then you'll be arguing about something else to deflect attention. Common trick, used by snake oil salesmen and televangelists everywhere...

  24. Anonymous Coward
    Anonymous Coward

    Simply deplorable. I have no words. I wonder what could trump such a leak?

  25. Captain Badmouth

    Deep Root Anal-ytics

    Name says it all.

  26. Justfor

    OK, we are from the same planet!

    My personal info was posted, including my unlisted number that was not given to voter registration. And it's all still out there, research of the domain name still says Amazon is hosting. After a couple of days on the phone, I could not get my unlisted number removed. Since this has been out there, I've been hit hard with several phone scams. Will it ever be removed?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019