The era of big data breaches isn’t stopping — if anything, it seems to be getting worse. In April last year, the Telegraph reported that 50 million Turkish citizens’ details were leaked. At around the same time, the Rappler noted the leak of 55 million Philippine voting records, which was followed shortly by news of over 90 million Mexicans’ voting records.
Now, this, from Dan O’Sullivan of UpGuard:
In what is the largest known data exposure of its kind, UpGuard’s Cyber Risk Team can now confirm that a misconfigured database containing the sensitive personal details of over 198 million American voters was left exposed to the internet by a firm working on behalf of the Republican National Committee (RNC) in their efforts to elect Donald Trump. The data, which was stored in a publicly accessible cloud server owned by Republican data firm Deep Root Analytics, included 1.1 terabytes of entirely unsecured personal information compiled by DRA and at least two other Republican contractors, TargetPoint Consulting, Inc. and Data Trust. In total, the personal information of potentially near all of America’s 200 million registered voters was exposed, including names, dates of birth, home addresses, phone numbers, and voter registration details, as well as data described as “modeled” voter ethnicities and religions.
This echoes a leak of of the information of 191 million voters from December 2015, but this is even worse with the inclusion of ethnicity and religion data, which can be used to target specific individuals. You know all those tech companies promising not to assist with the creation of a so-called “Muslim registry”? Even without Facebook’s enormous data set, this is the next closest thing.