iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The same hacking group that claimed Sony’s scalp earlier this month is now selling the records and voting details of 600,000 US citizens.
“We have successfully breached the District of Columbia Board Of Elections and have gotten more than 600k lines of USA voters,” the hackers wrote on their leak site late last week.
Included as proof of hack is a single sample of data, listing the complete details of a single voter. The information included in the leak appears to be the voter’s full name, email address, driver’s licence number, social security number, party affiliation, telephone number, and voting details such as polling place and voting ward.
Ransomed.vc has not disclosed what it hopes to sell the data for, instead simply asking prospective buyers to contact them. A total of 329 people have already viewed the leak page.
The District of Columbia Board Of Elections (DCBOE) has confirmed the breach in a statement released soon after – and shared on Ransomed.vc’s Telegram channel by way of a boast.
In a rare admission for the victim of such an attack, the letter attributes the hack by name before adding that it was a third-party issue.
“While DCBOE is still investigating this matter, DCBOE has found that voter records were accessed through a breach of the web server DataNet, DCBOE’s website hosting provider,” the letter read. “No internal DCBOE databases or servers were directly compromised.”
DCBOE went on to say it is working with “data security and federal government partners to investigate the breach” and that it is running vulnerability scans on its systems and networks.
The DCBOE website has also been voluntarily taken down and replaced with a maintenance page after discovering that the site itself was the cause of the breach.
Earlier this month Ransomed.vc made headlines after breaching an internal testing environment belonging to electronics giant Sony. Sony later confirmed a second breach – this time perpetrated by the Clop ransomware gang – saying that 6,800 individuals, mostly current and former employees and their families, were affected.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
