35 Million 2018 US Voter Records For Sale

Uploaded on 2018-10-22 in TECHNOLOGY--Hackers, NEWS-News Analysis, GOVERNMENT-National, FREE TO VIEW

Just weeks before the midterms, voter information from 19 states has turned up on the Dark Web. Up to 35 million voter records have been found up for sale on a popular hacking forum from 19 states, researchers discovered.

Researchers at Anomali Labs and Intel 471 said that they discovered Dark Web communications offering a large quantity of voter databases for sale, including valuable personally identifiable information and voter history.

This represents the first indication of 2018 voter registration data for sale on a hacking forum, said the researchers. The discovery comes weeks before the US November mid-term elections.

“With the November 2018 midterm elections only four weeks away, the availability and currency of the voter records, if combined with other breached data, could be used by malicious actors to disrupt the electoral process or pursue large-scale identity theft,” researchers at Anomali Labs said in a Monday post. 

“Given the illicit vendor claims of weekly updates of voter records and their high reputation on the hacker forum, we assess with moderate confidence that he or she may have persistent database access and/or contact with government officials from each state.”

Researchers did not post what the name of the hacking forum was, or the timeline of the sales.
The disclosure affects 19 states and includes 23 million records for just three of the 19 states, researchers said. Impacted states include: Georgia, Idaho, Iowa, Kansas, Kentucky, Louisiana, Minnesota, Mississippi, Montana, New Mexico, Oregon, South Carolina, South Dakota, Tennessee, Texas, Utah, West Virginia, Wisconsin, and Wyoming.

No record counts were provided for the remaining 16 states, but they did include prices for each state. Each voter list ranges from $150 to $12,500, depending on the state, the research team said. These prices could be related to the number of voter records per database.

The records contain voter data including full name, phone numbers, physical addresses, voting history, and other unspecified voting data.

“We estimate that the entire contents of the disclosure could exceed 35 million records,” the research team said.

“Researchers have reviewed a sample of the database records and determined the data to be valid with a high degree of confidence.”

Threatpost

You Might Also Read: 

Trump Says China Is Meddling In US Elections:

 

« How Cyber Criminals Are Using Social Media To Hack Bank Accounts
A Genocide Incited On Facebook »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Berkman Klein Center for Internet & Society

Berkman Klein Center for Internet & Society

The Berkman Klein Center for Internet & Society is a research center at Harvard University that focuses on the study of cyberspace.

Kaseya

Kaseya

Kaseya Traverse enables you to get to the bottom of problems quickly via root cause analysis, across Cloud, on-premise, hybrid Cloud, virtualized and distributed IT environments.

Telefonica Tech

Telefonica Tech

Telefónica Cyber Security Tech is focused on the prevention, detection and appropriate response to security incidents aimed at protecting your digital services.

Experian

Experian

Experian provide software solutions to help organizations prevent identity fraud and crime.

Comtact

Comtact

Comtact is a government-approved Cyber Security and IT Managed Service Provider, supporting clients 24x7x365 from our ISO27001-accredited UK Network & Security Operations Centre (NOC/SOC).

ubirch

ubirch

The ubirch platform is designed to ensure that IoT data is trustworthy and secure.

Women in CyberSecurity (WiCyS)

Women in CyberSecurity (WiCyS)

Women in CyberSecurity (WiCyS) is a non-profit organization dedicated to the recruitment, retention and advancement of women in the cybersecurity field.

T-REX

T-REX

T-REX is a coworking space, technology incubator, and entrepreneur resource center for technology startups.

AuthLite

AuthLite

With AuthLite, you can keep using all your existing software, with added two-factor authentication security placed exactly where you need it.

CyGlass

CyGlass

CyGlass simply and effectively identifies, detects, and responds to threats to your network without requiring any additional hardware, software, or people.

Aurora Systems Consulting

Aurora Systems Consulting

Aurora is a Cybersecurity solutions provider with a portfolio consisting of security consulting, products and services that proactively prevent, secure and manage advanced threats and malware.

Charterhouse Voice & Data

Charterhouse Voice & Data

Charterhouse is your trusted technology partner - designing, provisioning and supporting the technology that underpins your operations including network security and data compliance.

Dynamic Quest

Dynamic Quest

Dynamic Quest is a managed IT, cloud and security services companies, providing a comprehensive range of technology services including cybersecurity, backup and disaster recovery.

Panacea Infosec

Panacea Infosec

Panacea Infosec is a leading provider of information security compliance services. We help our clients in protecting their data, reducing security risks and fighting cybercrime.

TXOne Networks

TXOne Networks

TXOne Networks offer cybersecurity solutions to protect your industrial control systems to ensure their reliability and safety from cyberattacks.

Jitsuin

Jitsuin

Jitsuin enables developers with tools and services to build verifiable digital trust between organizations.