National: Hackers Are Sharing Reams of US Voter Data on the Dark Web | Motherboard

Alleged voting records of millions of American citizens have been uploaded to the dark web on a site affiliated with a well-known cybercrime forum. Although the information is not particularly sensitive in its own right, its presence on the site shows that even easily obtainable personal data can be of interest to hackers. The datasets appear to include voters’ full names, dates of birth, the date they registered to vote, addresses, local school districts, and several other pieces of information. The dumps also include voting records from previous elections and political affiliations. The two largest files are 1.2 GB and 1 GB, respectively, and each contain at least a million entries. The folder containing the files is called “US_Voter_DB,” though Motherboard could not independently verify the contents’ legitimacy. It’s not entirely clear where the data was sourced from. On December 28 last year, news site CSO Online reported that a database configuration issue had left 191 million voter records exposed to the open internet. That data was discovered by security researcher Christopher Vickery, who found his own personal information within the dump.

Niger: Electoral register tidied ahead of February vote | Reuters

Niger has completed changes to its electoral register recommended by the International Organization of the Francophonie (OIF), the body said on Thursday, removing a major source of tension ahead of elections next month. President Mahamadou Issoufou is seeking another mandate as head of the historically turbulent, uranium-producing West African country on Feb. 21. He is the favorite to win but critics say he has become increasingly authoritarian and repressive ahead of the polls. The OIF, an organization representing French-speaking nations tasked with overseeing the voter list, had previously recommended the removal of around 300 ‘ghost’ polling stations and 25,000 voters counted twice.

National: Is there a federal factor in the voter records leak? | FCW

Lawmakers and the administration have for years been seeking common ground on a federal data breach law to replace the patchwork of state and local rules. But even with such a law in place, Uncle Sam may still have been shut out of any role in policing the recent exposure of a database of 191 million voter records. The trove of personal information, complete with home addresses and telephone numbers, was briefly available on the public-facing web, due to a database configuration error. Privacy advocates and the media scrambled to investigate, but federal agencies were quiet. While voter registration information is public, it is rarely offered up for public consumption in bulk without some strings attached. Some states bar public-facing online voter record databases, while Florida and Ohio, for instance, both run public-facing voter record look-up sites. Ohio’s site returns addresses for name and county searches, while Florida’s requires birthdates and contains a notice that the site is intended for use only by voters attempting to verify their own registration status. Florida’s state government is considering legislation that would exempt voter information from public records rules because of the possible threat of identity theft.

Colorado: Officials say voter database is public information | Associated Press

The Colorado Secretary of State’s Office says information on Colorado voters released on the Internet is public information and did not compromise any voter’s identity information after a database of 191 million U.S. voters was published on the Internet. The database included voter names, addresses, ages, party affiliation, phone numbers and voting history. A company that said it compiled the national database for campaigns said it was released inadvertently and was no longer available.

National: Millions of Voter Records Posted, and Some Fear Hacker Field Day | The New York Times

First and last names. Recent addresses and phone numbers. Party affiliation. Voting history and demographics. A database containing this information from 191 million voter records was mysteriously published over the last week, the latest example of personal voter data becoming freely available, alarming privacy experts who say the information can be used for phishing attacks, identity theft and extortion. No one knows who built the database, or precisely where all the data came from, and whether its disclosure resulted from an inadvertent release or from hacks. The disclosure was discovered by an information technology specialist, Chris Vickery, who quickly alerted the authorities and published his findings on Databreaches.net. NationBuilder, a nonpartisan political data firm, has said it may have been the source of some of the data, although the actual database that was released was not the company’s.

California: Possible voter data breach probed by California elections officials | Sacramento Bee

California Secretary of State Alex Padilla said Tuesday that his office is working to verify claims that confidential voter information had been publicly posted online. Padilla said the records were not posted by the California Secretary of State, and that he is collaborating with Attorney General Kamala Harris’ office to provide any necessary assistance. Harris’ office would not comment on a potential or ongoing investigation, to protect the integrity of any probe, a spokeswoman said. CNET, citing DataBreaches.net researcher Chris Vickery, reported that a massive trove of voter data was found on a publicly available Web server. The database of 191 million registered voters, including many in California, is no longer publicly accessible, Vickery wrote in an update.

National: Who Put This Huge Database of U.S. Voting Records Online? | PCMag

Time to get out your deerstalker hat. Somewhere out there is a publicly available database with approximately 191 million voting records, with details like names, birthdates, addresses, phone numbers, and political party affiliation. The problem? Nobody knows who owns the database, who set it up, how it got online, or why its information is public. According to CSO, which first reported on the story after being alerted to its existence by researcher Chris Vickery, it’s likely that the information in the database came from the political data firm NationBuilder, but it’s not necessarily the company’s fault that the information is live. A customer possibly purchased this information and made it public, but it’s unclear if they did so on purpose or by mistake. “NationBuilder is under no obligation to identify customers, and once the data has been obtained, they cannot control what happens to it,” writes CSO’s Steve Ragan. “In short, while they provided the data that’s in my newly leaked voter record, they’re not liable in any way for it being exposed.”

National: Database of 191 million U.S. voters exposed on Internet: researcher | Reuters

An independent computer security researcher uncovered a database of information on 191 million voters that is exposed on the open Internet due to an incorrectly configured database, he said on Monday. The database includes names, addresses, birth dates, party affiliations, phone numbers and emails of voters in all 50 U.S. states and Washington, researcher Chris Vickery said in a phone interview. Vickery, a tech support specialist from Austin, Texas, said he found the information while looking for information exposed on the Web in a bid to raise awareness of data leaks. Vickery said he could not tell whether others had accessed the voter database, which took about a day to download.

Georgia: Culture of expediency also to blame in voter data breach | Atlanta Journal Constitution

The Georgia Secretary of State’s office, which acknowledged last month it inadvertently released personal information on every registered voter in the state, has blamed a single employee for the breach. But records show the problem was deeper than the Secretary of State’s office has acknowledged, revealing a business culture that ignored written policies for the sake of expediency, according to a review by The Atlanta Journal-Constitution. Secretary of State Brian Kemp, who declined to answer the AJC’s questions, blamed the release of Social Security numbers, birth dates and drivers’ license numbers on Gary Cooley, a low-level computer programmer. Kemp quickly fired Cooley, saying he failed to follow data-handling procedures and covered up his mistake for weeks.

Editorials: Florida elections imperiled by human error | Daily Commercial

With the 2016 presidential election on the horizon and the ghosts of elections past still haunting it, you would think Florida would have an acute sense for ensuring its voting processes are working smoothly and efficiently. A recent report, though, indicates the state still is operating like a ‘74 Gremlin. The state auditor general, an independent officer hired by the Legislature, recently identified seven weaknesses with Florida’s voter registration system, a computerized database of voter information.

Editorials: Voting against another Florida election disaster in 2016 | Panama City News Herald

With the 2016 presidential election on the horizon and the ghosts of elections past still haunting it, you would think Florida would have an acute sense for ensuring its voting processes are working as smoothly and efficiently as a Ferrari engine. A recent report, though, indicates the state still is operating like a ’74 Gremlin. The state auditor general, an independent officer hired by the Legislature, recently identified seven weaknesses with Florida’s voter registration system, a computerized database of voter information. … To summarize, the state’s voter database is at risk of failing and/or being compromised. That would make for some potentially chaotic voting scenarios in a high-stakes national election — everything from valid registered voters being denied the opportunity to cast a ballot, to allegations of voter fraud. Hanging chads would seem quaint by comparison.

Iowa: State moving forward with online voter registration | Des Moines Register

Qualified voters with a state driver’s license or photo ID issued by the Iowa Department of Transportation will be able to register to vote online by the 2016 primary election if a new regulation is approved by a state commission, Iowa’s incoming top election official said Tuesday. The Iowa Voter Registration Commission held a public hearing Tuesday on a rule that would let qualified voters with a driver’s license or photo ID register to vote on a website. Currently, voters registering or updating their information must fill out a paper application form. Secretary of State-elect Paul Pate, a Republican who takes office in January, said he hopes to have the online system running for those in the DOT system by the primary election in June 2016. “My goal is, well before the next election cycle we would have this in place on some level, and keep expanding on it as we have the resources to do that,” Pate said.

Idaho: Ada County wrongly strips more than 750 voter registrations | KBOI

Hundreds of people in Ada County have been stripped of their voter registration when they shouldn’t have been. It all came to light when KBOI’s Truth Squad received a call from a woman in Eagle, saying her husband received a letter that said his voter registration was taken away. When the Truth Squad began making calls, Idaho Secretary of State Ben Ysursa, said it alerted him to the magnitude of the problem countywide. Charmaine Miller, the Eagle resident, read the letter her husband received in the mail. “Dear David…you are currently registered in Arizona. Based on this information, we have canceled your registration in Ada County, Idaho,” she said. “We’ve never been in Arizona,” Miller told KBOI.

Editorials: Why Ghana Has Probably the World’s Worst Voters’ Register | GhanaWeb

On Thursday, June 5, 2014, the Chairman of Ghana’s Electoral Commission, Kwadwo Afari-Gyan, took a potentially dangerous and indefensibly stubborn position by insisting that the electoral management body would not bow to pressure from political parties and civil society groups to commission an independent audit of the biometric voters’ register. To him, there was no evidence that the register was bloated or not credible. Looking cursorily at Ghana’s 2012 voters’ list, having 56.2% of the population certified as eligible voters, may appear pretty normal. But, the picture becomes evidently disturbing upon closer scrutiny of the statistics and when compared to figures across the globe. What comes out is that Ghana has one of the most abnormal, if not the worst, electoral roll in the entire world. It is certainly the worst in democratic Africa.

South Dakota: State, counties find bumps, success in voter registration system | Argus Leader

The TotalVote comprehensive voter database got its first statewide test in the primary election June 3. Whether it succeeded depends on whom you talk to. While reported problems seem roughly proportional to the size of the counties using it, Minnehaha County Commissioners heard enough tales of voters being directed to the wrong precincts in the low-turnout primary to spark concern about how TotalVote will perform in the November general election, when turnout is expected to be much higher. Getting the election right is a sobering responsibility for public officials. The effect, for them, of heading toward the general election with potentially unresolved TotalVote issues might be summer dreams haunted by apocalyptic visions along the lines of Supreme Court justices peering owlishly at hanging chads and banana republic dictators winning elections by margins greater than 100 percent.

Utah: Legislature moves to bottle up some Utah voter data

Stung by the release of detailed voter information on 1.5 million Utahns online in January, Utah lawmakers are taking action to protect voter information. A bill making two changes in the voter information process passed the House by a 71-2 vote on Tuesday. The bill, HB 302, would keep voter birth date information classified and would also allow voters to opt into a program to protect all of their information, going forward. The bill now advances to the Senate for further consideration. Sponsored by Rep. Becky Edwards, the bill is one of two voter information related items being considered by the Legislature this session. It comes weeks after a New Hampshire man bought a voter registration list from the state and made that personal information available online for free. The information includes names, birth dates, phone numbers and the voting activity of everyone in specific households during recent elections.

Canada: New election law to crack down on robocalls, voter fraud | The Record

Canada’s election law is getting a major overhaul, aimed at making it tougher to play on the dirty-tricks side of the political game. A crackdown on automated “robocalls” and voter fraud are among the measures contained in the 242-page bill unveiled Tuesday by Democratic Reform minister Pierre Poilievre. And in what’s being widely viewed as a rebuke to Canada’s Chief Electoral Officer Marc Mayrand, the Conservatives have taken away his oversight of investigations into election-law abuse. The commissioner of elections, who conducts those probes, will now report to Canada’s director of public prosecutions, who has an arm’s-length relationship with government and political entities. “What we are doing is making sure that office has full independence,” Prime Minister Stephen Harper said in the Commons on Tuesday. Poilievre said the change gives Canada a new breed of political-crimes investigator — one with “sharper teeth, a longer reach and a freer hand.”

Iowa: Flawed databases can foul voter lists | Quad City Times

The Iowa Secretary of State’s office said Thursday it is willing to work to fix a problem that led to three northern Iowa voters having their ballots tossed out of the 2012 election. Meanwhile, officials in several county auditors’ offices said that although they think the problem experienced by the three is rare — or at least that it hadn’t happened in their jurisdictions — they recognize the statewide voter database that improperly included their names has errors. “The important thing is now that we know there was this flaw that exists, we’re going to work with the Secretary of State’s office to fix it,” said Eric Van Lancker, the Clinton County auditor who is president of the state auditor association. About 46,000 people are on the database of felons who are prohibited from voting.

Ohio: 17 people caught casting illegal ballots in 2012 election | The Columbus Dispatch

Thanks to new cross-checking of the statewide voter database with drivers’ license records, Secretary of State Jon Husted today said his office discovered 17 non-U.S. citizens cast illegal ballots in Ohio’s 2012 general election. Husted has turned over the names of those voters, including five from Franklin County, to the state attorney general’s office for possible prosecution. Under Ohio and federal law, a voter must be a U.S. citizen, and must attest to that fact when registering to vote. Another 274 Ohioans, all of whom are in the state legally but also are not U.S. citizens, are registered to vote but have not cast a ballot. Husted said his office is sending a letter to each informing them they are illegally registered along with the forms needed for them to cancel their registrations. They will not be turned over for prosecution unless they fail to cancel, Husted said.

Ohio: Efforts to clean up statewide voter database lead to just four duplicates on the books for 2013 election cycle | Cleveland Plain Dealer

Efforts to clean up Ohio’s database of 7.7 million registered voters succeeded in eliminating all but four duplicate entries for this election cycle, the secretary of state’s office said Tuesday. Secretary of State Jon Husted has touted his office’s efforts to improve the voter database since he took office. The database, which was established in 2004, contained more than 340,000 duplicate records in January 2011. “Maintaining accurate and up-to-date voter rolls is an ongoing process that is important in helping to ensure greater security and more efficiency in the administration of elections in Ohio,” Husted said.

Maldives: PPM requested access to Elections Commission IT software: Elections Commissioner | Minivan News

Amid constant attacks on the Elections Commission’s (EC) internet server and concerns over voter database security, Commissioner Fuwad Thowfeek has revealed that the Progressive Party of Maldives (PPM) had previously requested access to the commission’s IT section. Despite admitting their ongoing concerns in this matter, the PPM have denied asking for this kind of access. The EC’s internet server is currently facing continuous attacks from hackers both within the Maldives and abroad, although EC Commissioner Fuwad Thowfeek has previously dismissed rumours that any such attempts had been successful. Earlier this month, PPM and Jumhooree Party (JP) lodged a complaint with the EC expressing fears that foreign nationals had access to the Maldives’ voter database for the upcoming presidential election. The EC has sought assistance from Indian IT professionals to set up software in order to oversee future council elections.

National: Cyberattack on Florida election is first known case in US, experts say | NBC

An attempt to illegally obtain absentee ballots in Florida last year is the first known case in the U.S. of a cyberattack against an online election system, according to computer scientists and lawyers working to safeguard voting security. The case involved more than 2,500 “phantom requests” for absentee ballots, apparently sent to the Miami-Dade County elections website using a computer program, according to a grand jury report on problems in the Aug. 14 primary election. It is not clear whether the bogus requests were an attempt to influence a specific race, test the system or simply interfere with the voting. Because of the enormous number of requests – and the fact that most were sent from a small number of computer IP addresses in Ireland, England, India and other overseas locations – software used by the county flagged them and elections workers rejected them. Computer experts say the case exposes the danger of putting states’ voting systems online – whether that’s allowing voters to register or actually vote. “It’s the first documented attack I know of on an online U.S. election-related system that’s not (involving) a mock election,” said David Jefferson, a computer scientist at Lawrence Livermore National Laboratory who is on the board of directors of the Verified Voting Foundation and the California Voter Foundation.

Nepal: Election Commission builds biometric voter database ahead of election | BiometricUpdate.com

The Election Commission in Nepal has been working on a biometric voters’ registry database and has accumulated 10.9 million eligible voters thus far, Republica reports. So far, registration takes place at the Commission and consists of a fingerprint and a photograph for identity verification. The Commission has been making internal preparations for the next constituent assembly election in the country, including developing a 120-day integrated action plan to ensure all human resource, materials and budget have been accounted for.

Maryland: Cracks in Maryland and Washington Voter Databases | NYTimes.com

Computer security experts have identified vulnerabilities in the voter registration databases in two states, raising concerns about the ability of hackers and others to disenfranchise voters. In the last five years, Maryland and Washington State have set up voter registration systems that make it easy for people to register to vote and update their address information online. The problem is that in both states, all the information required from voters to log in to the system is publicly available. It took The New York Times less than three minutes to track down the information online needed to update the registrations of several prominent executives in Washington State. Complete voter lists, which include a name, birth date, addresses and party affiliation, can be easily bought — and are, right now, in the hands of thousands of campaign volunteers.

Maryland: Cracks in Maryland and Washington Voter Databases | NYTimes.com

Computer security experts have identified vulnerabilities in the voter registration databases in two states, raising concerns about the ability of hackers and others to disenfranchise voters. In the last five years, Maryland and Washington State have set up voter registration systems that make it easy for people to register to vote and update their address information online. The problem is that in both states, all the information required from voters to log in to the system is publicly available. It took The New York Times less than three minutes to track down the information online needed to update the registrations of several prominent executives in Washington State. Complete voter lists, which include a name, birth date, addresses and party affiliation, can be easily bought — and are, right now, in the hands of thousands of campaign volunteers.

Connecticut: Voter database plagued by glitches | Connecticut Post

Election officials said they endured lengthy wait times to print out voter lists or simply to verify who is eligible to cast ballots next month in a host of marquee races, including the presidency. Some registrars of voters eventually gave up, choosing to try again during off-peak periods. The Secretary of the State’s Office acknowledged it has a problem on its hands and said it will convene a special meeting Thursday with the state’s technology team. The agency can least afford any mistakes after a ballot shortage in Bridgeport two years ago cast a dark cloud over the gubernatorial election won by Democrat Dannel P. Malloy over Republican Tom Foley by 6,500 votes.

Tennessee: Shelby County Election Commission hopes for smoother vote on Thursday | The Commercial Appeal

With a troubled early-voting period now behind it, the Shelby County Election Commission is working to insure voters receive correct ballots on Thursday’s Election Day. But the commission and its staff continue to ask voters to be sure when they go to the polls that they know which state and federal districts they should be voting in, and to ask poll workers for clarification if there is any question of whether they are voting in the correct districts. “We continue to work to try to make sure we will be as successful as possible on Election Day,” said commission chairman Robert Meyers. “We’re doing all we can to make it through this election, and then post election we’ll be taking some serious looks at what happened and why it happened.” The state said last week it will conduct a performance audit after the election, and Meyers said Monday he hopes that will help identify core problems that have affected previous elections as well.

Tennessee: Shelby County Election Commission Admits Ballot Problems | Memphis Daily News

Challenges to the conduct of the Aug. 2 election may have reached a peak Tuesday, July 24. The Shelby County Election Commission admitted a “limited number” of voters in some precincts got early voting ballots that included the wrong district races. Their work on their voter database to include the new boundaries for state legislative and congressional districts approved in Nashville in February began just four days before the end of the early voting period in advance of the Aug. 2 election day. And sometime during the day Tuesday, City Attorney Herman Morris filed a lawsuit in Nashville Federal Court challenging state election officials on their decision not to honor photo library cards as a legal form of photo identification required by state law to vote. The lawsuit alleges violations of the U.S. Constitution including the equal protection clause.

Florida: Noncitizen voter database has flaws, local elections officials say | Tampa Bay Times

Florida election supervisors, at their annual convention in Tampa this week, find themselves focusing once again on a familiar and troubling issue: the accuracy and reliability of the state voter registration database. It’s not a problem of their making, and that only adds to their frustration. As the elections officials convene, they are simultaneously seeking to verify the legal status of about 2,700 voters who were red-flagged by the state motor vehicle agency as non-U.S. citizens and thus ineligible to vote. Problem is, some people on that list can legally vote. One of the people on the list is Manoly Castro-Williamson, 48, of Wesley Chapel, a U.S. citizen and a registered Republican who has voted in every election in Florida since 2004. She was one of 13 potential noncitizen voters forwarded to Pasco County by state elections officials.

Florida: Noncitizen voter database has flaws, local elections officials say | Tampa Bay Times

Florida election supervisors, at their annual convention in Tampa this week, find themselves focusing once again on a familiar and troubling issue: the accuracy and reliability of the state voter registration database. It’s not a problem of their making, and that only adds to their frustration. As the elections officials convene, they are simultaneously seeking to verify the legal status of about 2,700 voters who were red-flagged by the state motor vehicle agency as non-U.S. citizens and thus ineligible to vote. Problem is, some people on that list can legally vote. One of the people on the list is Manoly Castro-Williamson, 48, of Wesley Chapel, a U.S. citizen and a registered Republican who has voted in every election in Florida since 2004. She was one of 13 potential noncitizen voters forwarded to Pasco County by state elections officials.