A security researcher has, yet again, discovered thousands of U.S. voter files with a minimal amount of effort. Given that over the past year virtually every registered U.S. voter has been exposed by one data breach or another, it’s becoming increasingly difficult to feign our surprise. According to the researcher, Kromtech Security’s Bob Dianchenko, the files were available online for virtually anyone to download and had long been indexed by GreyhatWarfare, a website that currently lists more than 48,000 Amazon S3 buckets, in which potentially confidential files can be found. Dianchenko linked the Amazon server containing the voter files to Robocent, a Virginia-based political campaign and robocalling company. More than 2,600 files were exposed, including voter file spreadsheets and audio recordings for several political campaigns. The voter data itself contained names, phones numbers, addresses, political affiliations, age and year of birth, gender, voting district, and other demographic information, such as language and ethnicity.
According to RoboCent’s website, the company offers a wide range of automated services, including robocalls, SMS messaging, ringless voicemail drops, and it even supplies voter data directly to clients at a cost of three cents per record (mobile numbers are an additional 2.5 cents). The company’s privacy policy doesn’t mention voter data specifically.
RoboCent appears to market its services toward both Democrat and Republican candidates. In one blog post advertising its suite of services, it noted challenges facing Democrats seeking to build a “public opinion case” against the Trump administration. Another, following Republican primaries in Kentucky and Indiana, boasted about the victories of “Trump-flavored” candidates.
Dianchenko contacted RoboCent after discovering the voter file cache and the records were quickly secured. “We’re a small shop, so keeping track of everything can be tough,” a RoboCent developer told him.
Gizmodo could not immediately reach RoboCent for comment.
Full Article: It’s Time to Pretend We’re Shocked by Yet Another Voter File Data Breach.