Personal Data of 198M US Voters Has Leaked in Largest Ever Voting Breach

Political data breaches aren’t just for the DNC anymore: A GOP data firm has accidentally leaked personal information on almost all of the 200 million registered voters it had access to. The database was left exposed to the internet on a publicly accessible Amazon server.

The number of Americans affected is estimated to be 61 percent of the entire U.S. population, and span both political parties.

The News

The news was broken by the internet security team at UpGuard, which posted this today:

“In what is the largest known data exposure of its kind, UpGuard’s Cyber Risk Team can now confirm that a misconfigured database containing the sensitive personal details of over 198 million American voters was left exposed to the internet by a firm working on behalf of the Republican National Committee (RNC) in their efforts to elect Donald Trump. The data, which was stored in a publicly accessible cloud server owned by Republican data firm Deep Root Analytics, included 1.1 terabytes of entirely unsecured personal information compiled by DRA and at least two other Republican contractors, TargetPoint Consulting, Inc. and Data Trust.

In total, the personal information of potentially near all of America’s 200 million registered voters was exposed, including names, dates of birth, home addresses, phone numbers, and voter registration details, as well as data described as “modeled” voter ethnicities and religions.”

Since UpGuard noticed the leak last week, tech site Gizmodo has confirmed the ownership of the data belonged to Deep Root Analytics, a “conservative data firm that identifies audiences for political ads.”

The Scale

Previous voter information leaks across the globe include a Mexican government data breach that revealed the private records of 93.4 million voters, reported in April 2016, and a breach impacting 55 million voters in the Philippines. This one has both breaches beaten by an additional 100 million voters, making it very likely the largest known exposure of voter information in history.

One particularly upsetting detail in UpGuard’s account of the breach investigation? The files in question started with “the potential voter’s first and last names,” immediately “limiting even the barest possibility of the data sets masking the identities of those described.”

These breaches will only get worse until better protocols are common across the internet. Rule number one? If you have a terabyte of data, password protect it.

Read more about cybersecurity risks on Tech.Co

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and his art history book on 1970s sci-fi, 'Worlds Beyond Time,' was a 2024 Locus Awards finalist. When not working on his next art collection, he's tracking the latest news on VPNs, POS systems, and the future of tech.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals