Pierluigi Paganini March 30, 2020

Voter information for 4,934,863 Georgians has been published on a hacker forum over the weekend.

According to the data breach notification service Under the Breach, on Saturday a file containing voter information for more than 4.9 million Georgians, including deceased citizens, has been published on a hacking forum.

Georgia has 3.7 million citizens, but the voting population is around one third.

Data were included in a Microsoft Access database file of a 1.04 GB.

Exposed personal information includes full names, home addresses, dates of birth, ID numbers, and mobile phone numbers.

Under the Breach shared the database with the online media outlet ZDNet that analyzed it and confirmed the presence of 4,934,863 records, many of them belonging to deceased voters.

“The database contained 4,934,863 records but was not kept up to date, as it also included details for millions of deceased voters — as can be seen from the screenshot below.” reads the post published by ZDNet.

The user that published the file on the hacker forum claims it was originated from official government portal voters.cec.gov.ge, which is the government service that allows voters to verify and update their registration records.

At the time it is not clear how data was obtained by the users that published it.

Similar incidents already occurred in the past, in September experts discovered a huge data leak affecting Ecuador, maybe the largest full-country leak, that exposed data belonging to 20 million Ecuadorian Citizens.

In August 2019, voter information of more than 14.3 million Chileans, which accounts for nearly 80% of the population, was exposed on the internet due to an unsecured Elasticsearch database.

Pierluigi Paganini

(SecurityAffairs – Georgians voters, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]