Americas, Content

Report: 35 Million Voter Registrations Stolen in Massive 19-State Heist


An estimated 35 million voter registrations spanning 19 states are for sale on the dark web, a new research report said. That’s 26 percent of the total number of voters in the 2016 presidential election.

Aside from the obviously huge breach, why is this fire sale particularly menacing? It’s the timing: Add in data from the heisted voter records and stolen social security numbers and drivers’ licenses perhaps pilfered from other break-ins and you have a treasure chest of information hackers could use to meddle in the upcoming midterm election.

Databases from three of the impacted states alone house 23 million records, including the voter’s full name, phone numbers, physical addresses, voting history, and other unspecified voting data, according to the joint effort by Anomali Labs, a research unit of the Redwood City, California-headquartered threat platform developer, and Intel471, a Dallas, Texas-based provider of actor-centric threat intelligence.

In one instance, on October 5, a bootleg seller was peddling previously undisclosed millions of 2018 voter registration records, according to the researchers. The price for each voter list ranged from $150 to $12,500, depending on the state, the number of voter records per database listing and the seller’s confidence in the information’s accuracy, the report said. The researchers looked at a sample of the database records and believe they’re valid. Prices but not actual records for the other 16 states were included in the data dump.

Of all the information in the report, here’s one that chillingly stands out: The seller promises to give buyers weekly updates of voter registration data across the states. Where do they say their information comes from? Contacts inside the state governments. In other words, the sellers claim it’s at least partially an inside job.

As a matter of course, certain voter information, some of what’s for sale on the hacker forums, is publicly available but typically only to authorized persons (political campaigns, journalists, academicians, etc.) and can’t be used for commercial purposes or posted online. Voter data is often used by political campaigns and pollsters to target frequent voters.

Here’s some more information from the report:

  • The stolen data may not result from a system flaw. It may stem from a targeted campaign by a threat actor redistributing possibly legitimately obtained voter data for malicious purposes.
  • Voters in these states are at risk: Georgia, Idaho, Iowa, Kansas, Kentucky, Louisiana, Minnesota, Mississippi, Montana, New Mexico, Oregon, South Carolina, South Dakota, Tennessee, Texas, Utah, West Virginia, Wisconsin and Wyoming.
  • Within hours of the initial sales advertisement, another bad actor set up a crowdfunding campaign to buy each voter registration database. According to the actor, the purchased databases would be made available free of charge to all registered members of the hacker forum.
  • A second crowdfunding project, voted by forum members to select the next state, is roughly 21 percent toward its funding goal.
D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.