Cyber security firm Trustwave SpiderLabs discovered a hacker selling the information of around 186 million voter data in the United States. In a blog posted on its website, the team revealed that the database contains “a shocking level of detail” about voters and consumers.
According to the post, the team found an advertisement on RaidForums.com, claiming to have voter and consumer records. The database includes sensitive and personally identifiable information (PII) such as names, age, gender, political affiliation, and addresses.
Other information involved is the number of children and their ages, marital status, ethnic group, home value, and purchase data, mortgage amount and lender name, and interest areas.
One-third of the information also has phone numbers. Overall, the set contains more than 400 data points about each individual.
Moreover, the database carries information about US citizens living in other countries including Canada, the United Kingdom, Ireland, and South Africa.
Approximately, there are 245 million records in the country’s consumer database, which is almost the same as the population of the US. This means that hackers are selling a significant portion of consumer and voter data.
The main actor, with the username GreenMoon2019, claims to have much more data about US consumers. In a post they made last year, they advertised a massive dataset composed of 245 million records, which can cover the entire US population. The file is 437GB large.
The group was able to make millions of dollars in such activities. Trustwave said that the bitcoin wallet attached to the sellers have earned $100 million in the last five months.
The discovery came at the end of September 2020, almost a month after the much-anticipated elections in November.
Trustwave speculates that the database “can be used to conduct effective social engineering scams and spread disinformation to potentially impact the elections, particularly swing states.” Moreover, it can be used in various crimes such as scams, fraud, and identity theft.
It is important to mention that some of the information included in the database is publicly available in government resources, specifically the North Carolina State Board of Elections.
Any user can download detailed Voter History Data and Voter Registration Data from the said website or by connecting to its FTP site.
As of writing, the post has been taken down from the forum. However, the Trustwave team was able to directly contact the seller and was informed that the database is still up for grabs.
