Researchers uncovered a database contains almost 35 Million U.S Voter Records that selling in the popular hacking forum at a various price from $150 USD to $12,500 USD depends on the buyer’s requirement.
The database is very large and it contains very valuable personally identifiable information, voting history and the price includes for each and every states.
There is 19, U.S states database are posted for sale in the underground hacking forum that includes 23 million records for just three of the 19 states and rest of the state’s records having different numbers.
Researchers said, “To our knowledge, this represents the first reference on the criminal underground of actors selling or distributing lists of 2018 voter registration data, including US voters’ personally identifiable information and voting history”.
In this case, sellers indicate that they receive weekly updates of voter registration data across the states and they receive information via contacts within the state governments.
Its seems threat actors legitimately obtain the database from the state government and using it for malicious purpose in a hacking forum.
Sales Advertisement in Hacking Forum
An Advertisement that posted in the popular English-language speaking hacking forum on October 5, 2018, shows that the following 19 states affected citizens records.
- Georgia
- Idaho
- Iowa
- Kansas
- Kentucky
- Louisiana
- Minnesota
- Mississippi
- Montana
- New Mexico
- Oregon
- South Carolina
- South Dakota
- Tennessee
- Texas
- Utah
- West Virginia
- Wisconsin
- Wyoming
The price of the U.S Voter Records fixed based on a number of voter records per database listing and/or, to a lesser degree of confidence and the price range fixed from $150 USD to $12,500 USD depending on the state.
Texas($1300), Wisconsin($12,500) and Louisiana($5000) state record only covered 23 million records and the rest of the record belongs to remaining states.
Threat actor also organized a crowdfunding campaign to purchase each U.S Voter Records registration database where he mentioned that the all earlier purchased users will be having Kansas voter database for free.
According to Anomali Labs , A second crowdfunding project, voted by forum members to select the next state, is close to 20.7% of its funding goal. Oregon currently leads the voting for the second state to be published.
“This type of information can facilitate criminal actions such as identity fraud or allow for false submissions of changes online to voter registrations, making some legitimate voters ineligible to cast ballots. In a voter identity theft scenario, fraudsters can cause disruptions to the electoral process through physical address changes, deletion of voter registrations, or requests for absentee ballots on behalf of the legitimate voter”.Anomali Labs said.
Also Read:
Thousands of US Voters Personal Data Leaked Online Again
California Voter Database Leaked – 19 Million Voters Records Under Risk
