Cloud Security glitch exposes info about 593000 Alaskan Voters

704

CouchDB Database’s cloud security glitch is said to have exposed information pertaining to more than 593,000 Alaskan voters. The sources reporting to cybersecurity insiders say that the data got exposed when cloud security admins bypassed important security settings that were set to the public instead of private. Thus, anyone who got an internet connection could have gained access to the CouchDB repository and could have scrapped off the info within minutes.

The exposed data was a part and parcel of voter base which is the market’s leading national voter file compiled by TargetSmart. The compiled info includes contacts and details of over 191 million voters; of those 58 million remain unregistered and that of voting age consumers.

It is estimated that TargetSmart has managed to gather voters’ info of the populace residing in more than 19 countries and more will follow soon. The company never reveals how it manages to gain access to the voter’s database. But says that thousands of election campaigns each year rely on the power of its database to gain fundraise, research and to launch voter contact programs.

In a statement issued by Tom Bonier, the CEO of TargetSmart, he blamed the breach on a 3rd party provider called Equals3. The said company is said to be an AI software provider based in Minnesota and appears to have failed to secure some data which they license from TargetSmart. Thus, in this process, info regarding 593,000 Alaskan voters got exposed.

Note 1- The whole data leak was exposed by the researchers from Kromtech, a German-based IT Investment and Development Company.

Note 2- Kromtech researchers have also exposed a security flaw on Amazon S3 buckets which leaked data related to 3,065,000 World Wrestling Entertainment (WWE) fans. This includes their names, email addresses, phone numbers, mailing addresses and demographic info dating back to 2014-2015.

Ad
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display