A couple of weeks ago Salted Hash reported on a sensational discovery made by the security expert Chris Vickery who found a misconfigured archive containing the personal details of 191 million U.S. voters.
A misconfigured database is the root cause of the exposure of around Millions voter records including full names, unique voter IDs, unique voter IDs, date of births and phone numbers. Vickery and DataBreaches.net tried to contact voter information companies and various political groups, but all have denied any involvement in the incident.
Now a second database has been has been discovered containing voter records from US states that began with the letters A-I, but excluding Illinois and Iowa. The database contains roughly 56 million records, more than 18 million of them were targeted profiles.
“Around the same time the first database was discovered a second, smaller database was also found by researcher Chris Vickery. This second database contains voter profiles similar to those previously discovered, however, it also includes records that hold targeted demographic information.” reported Salted Hash. “While the overall total of records is lower (56,722,986 compared to 191 million) it’s still a concerning figure, but this discovery took a steep downturn when more than 18 million records containing targeted profile information were added to the mix.”
Which is the source of this second Database?
A comparison of the databases allowed the expert to discover that the second database comes from the same source of the first one but is appears a newer version of data which are dated April 2015. The records contain voter’s name, address, phone number, date of birth, voting record, and other information not contained in the first archive, including several fields for custom text.
The second database contains markers that could be used for the identification of US voters.
The presence of an nbec_precinct_code and a voter ID code suggests this data have been previously identified by political experts as Nation Builder Election Center data.
As mentioned in the first story, Nation Builder is under no obligation to identify customers, and once the data have been obtained, they cannot control what happens to it.
While the previously discovered voter database contained more records, this second database, though smaller, contains more information that has been used to profile the US voters.
“Other fields include email address, something that wasn’t part of the larger voter database covered last week; as well as records focused on health issues, gun ownership, household values (e.g., religion / social issues), fishing and hunting interests, auto racing interests, longitude and latitude of the voter, income level, and occupation.” continues Salted Hash.
Who manages this second database of US voters?
Also in this case, voter information companies and various political groups denied any involvement in the case.
The data referring to religion and values-based issues suggested a GOP-focused organization maintained the archive, but more interesting is the presence of to attributed “pioneer_status” and “pioneer_counter”, two database users (Pioneer, Pioneer2), as well as a reference to Pioneer in the database schema that support the hypothesis. The database contains also URLs referencing Pioneer Solutions Inc., and Let’s Vote America.
Pioneer Solutions is for the above reasons considered the prime suspect for the ownership of the US voters archive, but is is also possible the involvement of a third party organization that have partnered it (i.e. Americans for United Life, Bound4Life, Concerned Women for America, the Family Policy Institute of Washington, the Liberty Institute, or iVoteValues).
Days after the Pioneer Solutions was informed of the discovery, the second database was secured.
Let me suggest to read the interesting post “Did a Christian right-wing organization expose private details of millions of people?” published by Databreaches.net.
(Security Affairs – US voters archive, data leak)