The content of voter databases of around 35 million US citizens are being peddled on a hacking forum, according to a report from threat intelligence firms Anomali and Intel 471. The researchers revealed that cybercriminals have obtained unauthorized access to the U.S. voter registration databases and put them for sale in dark web forums.
The database holds personal information like names, phone numbers, address details, and voting history, according to the researchers. They also said the data is priced between $150 and $12,500. The report stated the disclosure affects 19 states, including Georgia, Idaho, Iowa, Kansas, Kentucky, Louisiana, Minnesota, Mississippi, Montana, New Mexico, Oregon, South Carolina, South Dakota, Tennessee, Texas, Utah, West Virginia, Wisconsin, and Wyoming.
According to the researchers, the sellers receive updated voter registration data across the states via their close contacts within the state governments. It was specified that voters’ information disclosure is not a technical breach but a targeted operation by threat actors to perform malicious activities.
“To our knowledge, this represents the first reference on the criminal underground of actors selling or distributing lists of 2018 voter registration data, including US voters’ personally identifiable information and voting history,” Anomali stated in an official post. “With the November 2018 midterm elections only four weeks away, the availability and currency of the voter records, if combined with other breached data, could be used by malicious actors to disrupt the electoral process or pursue large-scale identity theft.”
In related news, the Microsoft Corporation recently stated that hackers linked to Russian military intelligence tried to hack the websites of two conservative think-tanks in the United States ahead of November midterm elections. The tech giant revealed it has detected and seized websites that were created by hackers to mimic the pages of the International Republican Institute and the Hudson Institute. These sites are designed to redirect the users to fake web pages where they were asked to enter usernames, passwords, and other credentials.