A huge voter registration databases from 19 US states are on sale on an underground hacking forum.
Researchers have discovered that 23 million US voter records are available for sale in a Dark Web hacking forum; this data includes personal and voting history information.
The seller of the voter registration databases from 19 different states also advertises that weekly updates of the data come from multiple contacts that are planted inside state governments.
Sellers form certain states require the buyers to personally travel to different locations in-state to receive the updated voter information. This kind of action suggests that the information disclosure is not necessarily a technical compromise but rather a likely targeted campaign by a threat actor redistributing possibly legitimately obtained voter data for malicious purposes on a cybercrime forum.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Some US voter registration information is available for purchase by legal means and specifically only to political campaigns, journalists, and academic researchers. But this kind of information is definitely not intended for underground sale operation, researchers say.
Worse is that November 2018 midterm elections are only four weeks away, if the availability and currency of the voter records are combined with other breached data, it could lead to a disrupted electoral process or a large-scale identity theft.
We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.