SIGforum
Apparently there's been a massive leak of GOP voter data, nearly 200 Million records
June 19, 2017, 10:55 AM
46and2Apparently there's been a massive leak of GOP voter data, nearly 200 Million records
First source quote:
Political data gathered on more than 198 million US citizens was exposed this month after a marketing firm contracted by the Republican National Committee stored internal documents on a publicly accessible Amazon server.
The data leak contains a wealth of personal information on roughly 61 percent of the US population. Along with home addresses, birthdates, and phone numbers, the records include advanced sentiment analyses used by political groups to predict where individual voters fall on hot-button issues such as gun ownership, stem cell research, and the right to abortion, as well as suspected religious affiliation and ethnicity. The data was amassed from a variety of sources—from the banned subreddit r/fatpeoplehate to American Crossroads, the super PAC co-founded by former White House strategist Karl Rove.
Deep Root Analytics, a conservative data firm that identifies audiences for political ads, confirmed ownership of the data to Gizmodo on Friday.
Just saw this this morning. Still reading up on it myself.
June 19, 2017, 10:59 AM
46and2 Second source quote:
In what is the largest known data exposure of its kind, UpGuard’s Cyber Risk Team can now confirm that a misconfigured database containing the sensitive personal details of over 198 million American voters was left exposed to the internet by a firm working on behalf of the Republican National Committee (RNC) in their efforts to elect Donald Trump. The data, which was stored in a publicly accessible cloud server owned by Republican data firm Deep Root Analytics, included 1.1 terabytes of entirely unsecured personal information compiled by DRA and at least two other Republican contractors, TargetPoint Consulting, Inc. and Data Trust. In total, the personal information of potentially near all of America’s 200 million registered voters was exposed, including names, dates of birth, home addresses, phone numbers, and voter registration details, as well as data described as “modeled” voter ethnicities and religions.
This disclosure dwarfs previous breaches of electoral data in Mexico (also discovered by Vickery) and the Philippines by well over 100 million more affected individuals, exposing the personal information of over sixty-one percent of the entire US population.
The data exposure provides insight into the inner workings of the Republican National Committee’s $100 million data operation for the 2016 presidential election, an undertaking of monumental scope and painstaking detail launched in the wake of Mitt Romney’s loss in 2012. Deep Root Analytics, TargetPoint, and Data Trust—all Republican data firms—were among the RNC-hired outfits working as the core of the Trump campaign’s 2016 general election data team, relied upon in the GOP effort to influence potential voters and accurately predict their behavior. The RNC data repository would ultimately acquire roughly 9.5 billion data points regarding three out of every five Americans, scoring 198 million potential US voters on their likely political preferences using advanced algorithmic modeling across forty-eight different categories.
Spreadsheets containing this accumulated data—last updated around the January 2017 presidential inauguration—constitute a treasure trove of political data and modeled preferences used by the Trump campaign. This data was also exposed in the misconfigured database and had been for an unknown period of time.
(More in the link above)
June 19, 2017, 11:19 AM
icom706Hmm?? Amazon, Jeff Bezos, GOP data hack? Naw, that's just too much of a stretch.
-.-. --.- -.-. --.- -.-. --.- -.-. --.-
It only stands to reason that where there's sacrifice, there's someone collecting the sacrificial offerings. Where there's service, there is someone being served. The man who speaks to you of sacrifice is speaking of slaves and masters, and intends to be the master.
Ayn Rand
"He gains votes ever and anew by taking money from everybody and giving it to a few, while explaining that every penny was extracted from the few to be giving to the many."
Ogden Nash from his poem - The Politician
June 19, 2017, 11:29 AM
JimineerEverything about you is already out there, according to many experts.
The money to be made by crooks is from your medical records, from what I've been told.
A young guy I had a casual conversation with said that by just using a photograph of your face, he can find out just about everything about you in less than a day.
June 19, 2017, 12:01 PM
CromDamned Russkies!
"Crom is strong! If I die, I have to go before him, and he will ask me, 'What is the riddle of steel?' If I don't know it, he will cast me out of Valhalla and laugh at me."
June 19, 2017, 12:45 PM
JimTheoI will repeat my mantra, despite the exhortations to the contrary, to NEVER put super critical data into the cloud!!! Never. Ever. As. Long. As. It.Lives.
Multiple break ins to every conceivable public storage configuration happens ALL the time.
Never. Ever.
I should be tall and rich too; That ain't gonna happen either June 19, 2017, 12:52 PM
220-9erI've always believed nothing's a secret if more than one person knows it.
___________________________
Avoid buying ChiCom/CCP products whenever possible.
June 19, 2017, 01:45 PM
jbcummingsquote:
Originally posted by JimTheo:
I will repeat my mantra, despite the exhortations to the contrary, to NEVER put super critical data into the cloud!!! Never. Ever. As. Long. As. It.Lives.
Multiple break ins to every conceivable public storage configuration happens ALL the time.
Never. Ever.
My thoughts too. You wouldn't hang your car keys on the antenna of your car and you wouldn't leave your house keys on the front porch. You wouldn't sleep spread eagle naked on the front lawn. Then WHY would you trust someone's cloud service with your data??
———-
Do not meddle in the affairs of wizards, for thou art crunchy and taste good with catsup.
June 19, 2017, 02:46 PM
MRMATTIs that 198 million Republican voters? How do we ever lose any election?
_____________________________
"A free people ought not only to be armed and disciplined but they should have sufficient arms and ammunition to maintain a status of independence from any who might attempt to abuse them, which would include their own government." George Washington.
June 19, 2017, 03:00 PM
TigerDorequote:
Originally posted by MRMATT:
Is that 198 million Republican voters? How do we ever lose any election?
Because 93 million die every day due to gun violence.
.
June 19, 2017, 03:05 PM
DsWrightquote:
Originally posted by TigerDore:
quote:
Originally posted by MRMATT:
Is that 198 million Republican voters? How do we ever lose any election?
Because 93 million die every day due to gun violence.
You win the internet today

June 19, 2017, 03:22 PM
46and2
June 19, 2017, 03:28 PM
4x5quote:
Originally posted by JimTheo:
I will repeat my mantra, despite the exhortations to the contrary, to NEVER put super critical data into the cloud!!! Never. Ever. As. Long. As. It.Lives.
Multiple break ins to every conceivable public storage configuration happens ALL the time.
Never. Ever.
Unfortunately, we're not always in control of the data concerning us. Someone can go to great lengths to protect their identity, and then find out their data has been compromised by doing something as simple as registering to vote.
Ladies and gentlemen, take my advice - pull down your pants and slide on the ice.
ʘ ͜ʖ ʘ June 19, 2017, 08:16 PM
wrightdquote:
Originally posted by JimTheo:
I will repeat my mantra, despite the exhortations to the contrary, to NEVER put super critical data into the cloud!!! Never. Ever. As. Long. As. It.Lives.
Multiple break ins to every conceivable public storage configuration happens ALL the time.
Never. Ever.
This is just ONE of the reasons my company is NOT going to any cloud services for certain systems. THAT kind of data should be kept internal and well protected. I guess you could call this IT incompetence on a gargantuan scale. Good lord.
Lover of the US Constitution
Wile E. Coyote School of DIY Disaster June 20, 2017, 09:43 AM
henryaz I know my data "out there" in multiple ways, but I have very low regard for the major political parties keeping out of my life. We are registered as "unaffiliated", or whatever classification AZ uses. We can still pick a primary to vote in. The main pain is how they harvest the registration rolls to feed into their robocalling campaigns.
June 20, 2017, 08:00 PM
r0guequote:
Originally posted by wrightd:
quote:
Originally posted by JimTheo:
I will repeat my mantra, despite the exhortations to the contrary, to NEVER put super critical data into the cloud!!! Never. Ever. As. Long. As. It.Lives.
Multiple break ins to every conceivable public storage configuration happens ALL the time.
Never. Ever.
This is just ONE of the reasons my company is NOT going to any cloud services for certain systems. THAT kind of data should be kept internal and well protected. I guess you could call this IT incompetence on a gargantuan scale. Good lord.
The cloud is really not the issue. A massive dataset kept unencrypted and unsecured on a private network would be (in some ways) just as bad. Maybe worse. Because on a private network, the security researcher wouldn't find it. He's not hacking, he's just scanning. But on a private network, generally (with the exception of more advanced companies), only the bad guys scan. And when they find, they exfiltrate.
Border security reliance is a thing of the past. Assumption of breach and defense in depth (layers) is the only viable answer. And encryption is rule number 1.
Gross negligence.