A security researcher has, yet again, discovered thousands of U.S. voter files with a minimal amount of effort. Given that over the past year virtually every registered U.S. voter has been exposed by one data breach or another, it’s becoming increasingly difficult to feign our surprise. According to the researcher, Kromtech Security’s Bob Dianchenko, the files were available online for virtually anyone to download and had long been indexed by GreyhatWarfare, a website that currently lists more than 48,000 Amazon S3 buckets, in which potentially confidential files can be found. Dianchenko linked the Amazon server containing the voter files to Robocent, a Virginia-based political campaign and robocalling company. More than 2,600 files were exposed, including voter file spreadsheets and audio recordings for several political campaigns. The voter data itself contained names, phones numbers, addresses, political affiliations, age and year of birth, gender, voting district, and other demographic information, such as language and ethnicity.
RoboCent appears to market its services toward both Democrat and Republican candidates. In one blog post advertising its suite of services, it noted challenges facing Democrats seeking to build a “public opinion case” against the Trump administration. Another, following Republican primaries in Kentucky and Indiana, boasted about the victories of “Trump-flavored” candidates.
Dianchenko contacted RoboCent after discovering the voter file cache and the records were quickly secured. “We’re a small shop, so keeping track of everything can be tough,” a RoboCent developer told him.
Gizmodo could not immediately reach RoboCent for comment.