2.4 Million Ontario Voters' Private Info Compromised

An anonymous reader writes "Elections Ontario, an agency tasked with the organization and conduct of general elections and by-elections in Canada's Ontario region, is warning voters about the loss and potential theft of two USB sticks containing private information of 2.4 million voters from approximately 20–25 electoral districts. The information at issue is limited to full name, gender, birth date, address, whether or not an elector voted in the last provincial election and any other personal information updates provided by voters to Elections Ontario during that time, as well as administrative codes used solely for election purposes. The information does not include how an individual voted."

Re:

[Sir_Sri]

Why would you include date of birth?

Political campaigns can know your name (maybe just first name), address and whether or not you voted and they can reasonably conclude gender most of the time from first name.

But ya, overall that information is pretty public (except whether or not you voted). You're in any of the phone book, land registries, employer office parties, condo corporations etc.

Re:

[Cabriel]

To ensure the person is of voting age?

Re:

[Desler]

Date of birth information is part of public record, too. You didn't actually think you DoB was secret did you?

Re:

[cygnwolf]

Age and if you even bother to vote are important demographics. Someone in the 20-25, 'college age' group likely has different things that are important to them than say, someone who is in the 55-60 age group. A USA example would be social security. Very few 20-somethings that I know are even remotely concerned with it. On the other hand, someone who is 60 is already likely to be face the choice to retire at 62 or hold out till 65. (I know, TFA was about our northern neighbors, but I'm sure there's a simil

Re:

[realityimpaired]

Now, if that should be considered publicly available info is up for debate

It's a matter of public record.

http://www.ontario.ca/en/ontgazette/STEL01_033657.html [ontario.ca]
http://www.gazette.gc.ca/index-eng.html [gazette.gc.ca]

Each province has their own equivalent of the Gazette. If you know the name of somebody and the province they were born in (and seriously, there's only 10), you can find what year they were born in by searching by name. All births, deaths, and name changes are published as part of the vital statistics act. You *can* have something like that be non-published (I did a name change a few y

Re:

[Mashiki]

Why would you include date of birth?

DoB is included because in Canada, we use government photo ID as a requirement to be allowed to vote. Your ID has to match, and in turn your name, address and DoB has to match the registar book. No matchy, no vote.

So what?

[busyqth]

Doing everything electronically and "on the net" is of such overwhelmingly critical importance that the loss of a few million voter records is of little interest to any civilized human being.
Just imagine if we had to go back to pencil and paper! The barbarism! *SHUDDER*

Re:So what?

[Anonymous Coward]

If you've ever seen the way Canadian elections are handled, you'd know just how difficult that is to do. The steps involve a non-neutral representative from each party watching the ballot box, along with multiple neutral elections Canada employees watching it. All these people must be present whenever a vote is cast into the box, or if the box is moved (in my case, I had to walk to the hallway as a disabled person wished to vote and there were stairs leading to the voting area). All votes themselves are done completely secretly.

The box is opened with all these people watching and every single vote is counted aloud and all representatives may complain if they see a vote they aren't happy with (not marked properly, forged, stuffed box, etc). We all get to watch each voter enter and get crossed off the list as they vote. The number of votes much match what we all saw. Once the votes are tallied (or someone complains from the group about a vote) a special cellphone only to be used for the election is used on speakerphone to call in the results in front of all of us.

The box is then taped up with special security tape and driven directly to a secure storage location.

The only way to have any tampering would be for all involved parties to be corrupt. That would be odd co-operation since all involved parties (other than Elections Canada) don't like each other.

Re:

[SomePgmr]

Well sure, those kinds of things have happened... though I'd be surprised if 2.4m people worth of paper records were lifted all at once. I'm not-so-surprised with electronic records on a thumb drive. That can fall out of your pocket in the parking lot.

Re:

[Em Adespoton]

Well sure, those kinds of things have happened... though I'd be surprised if 2.4m people worth of paper records were lifted all at once. I'm not-so-surprised with electronic records on a thumb drive. That can fall out of your pocket in the parking lot.

...of course, the drives were encrypted, so this isn't much of a story. Since it could fall out of your pocket in the parking lot, they took precautions.

Strange thing, is I don't see this mentioned in the linked articles or anywhere on here.

Re:

[Anonymous Coward]

I wanted to start my response with "Are you stupid?" but instead I'll start with the following paragraph.

Paper voting can be monitored at every stage by representatives of all parties and by apolitical observers. In the UK, that's exactly what happens - from the carrying/opening of the ballot box to the count to the recording of results. There are people standing around watching everything who can and will raise merry hell if anything appears to be wrong.

You simply can't get this level of auditing with elec

Re:

[Desler]

You mean loss of records that anyone could already obtain since they are part of public record?

Re:

[busyqth]

You mean loss of records that anyone could already obtain since they are part of public record?

Yes I mean those. Exactly those. And no others.

Re:

[Mashiki]

In Canada we pretty much do everything by pencil and paper. What this is though is the register of voters of who's eligible to vote by district. There are places where you can vote by electronic machine, but most people don't use them, they don't like them. It's pretty simple and straight forward.

How it works is like this:
In Canada when you file your taxes, you get the option of allowing Revenue Canada to send your personal information(DOB, name and address) to Elections Canada and in the regional offic

Private?

[Lev13than]

Sounds like the same "private" information that every candidate and party has access to during the election campaign and on election day. Not sure about the birth date, but everything else is definitely on the voter registration and tracking printouts used by poll clerks and by party scrutineers during the election.

Yes, but you have to *pay* for those

[oneiros27]

$128 in Maryland:

http://www.elections.state.md.us/voter_registration/purchase_lists.html [state.md.us]

(and you can get 'em on CD, rather than printed out ... I seem to recall it being a spreadsheet when I saw one ... don't know if it was a flat file that someone had imported, or if they gave it to you in Excell)

Re:

[Em Adespoton]

So, your issue is not that private or personal information was leaked, but that the Canadian government was not adequately reimbursed for the leaked data?

I'm not really understanding your position on this matter. Are you for or against the release of this information?

If you are for it's availability, why do you feel that a fee associated with public information is appropriate?

If you are opposed to the release of this information, why would you be amenable to its release simply because a fee was paid?

I think he's meaning to point out that as you can purchase this information relatively cheaply, it doesn't really matter whether or not it was leaked.

Of course, Canada still isn't the US, and the data was encrypted, so nobody likely got their hands on the sensitive data.

Re:

[Mike Van Pelt]

That was what I was thinking. When I ran for a local office and did some precinct walking back in 1992, I got a printout (fan-fold, green-lined line printer output) with this information. I don't recall what it cost, but it wasn't that much.

In Other News, Phone books missing

[retroworks]

I'm almost as alarmed by the sense of alarm. This sounds like harmless information. A ten year old hard drive is not the same as losing your current laptop, and being tagged in a Facebook photo is not as dangerous as having your social security information compromised. Maybe we should distribute useless USB sticks filled with past telephone book listings just to keep identity thieves busy..

Re:

[Sir_Sri]

encrypted

USB sticks

you missed an important part.

Re:

[mlts]

From the TFA, the USB stick was not encrypted.

This in itself is pure stupidity. You can buy USB flash drives with hardware AES encryption on the cheap. Even the more expensive drives that are physically tamper resistant like the IronKey are not that pricy.

As for software locking, BitLocker comes with Windows 7, and TrueCrypt is available at no charge.

There is no excuse for unencrypted USB drives, none.

Re:

[Em Adespoton]

The TFA didn't say the stick wasn't encrypted -- it just failed to mention the fact that it was... and yes, it was. Other articles available on google go into much more detail.

And yes, there is no excuse for unencrypted PII on USB drives.

Re:

[pluther]

...and being tagged in a Facebook photo is not as dangerous as having your social security information compromised.

It could be worse, depending.

Having your SSN compromised can be fixed through filling out some forms, paying some fees, and forwarding a few dozen letters to wishful creditors.

But whenever a new HR department googles you and finds that one picture...

Re:

[EdIII]

While you are attempting to make light of it, there are rather serious concerns:

The information at issue is limited to full name, gender, birth date, address, whether or not an elector voted in the last provincial election and any other personal information updates provided by voters

Physical address is concerning. Not everyone wants that listed and has trust that the government, who ostensibly needs that information, will protect it. Yes, it could matter. Plenty of people are harassed, have sensitive jobs (law enforcement, abortion doctors, etc.), and have quite valid reasons to wish for some privacy and anonymity. Both of which are basic human rights that no government should be able to violate in the firs

Re:

[mcgrew]

Physical address is concerning.

For a hundred years, almost everyone's address was published in a printed book that came out yearly. It was opt-out, and to keep your name off the list you had to pay extra for the unlisted phone number.

Plenty of people are harassed, have sensitive jobs (law enforcement, abortion doctors, etc.)

If you're being harrassed, you go to the courthouse and get an order of protection. If you're a cowardly wimp, law enforcement may not be the ideal line of work for you. If you're an abo

What is this info doing on USB-sticks?

[santax]

What would be a valid reason to put that much info on 2 usb-sticks besides, wanting to sell it or altogether being to darn lazy to even think about security and consequences. Anyone?

Re:

[Sir_Sri]

moving data between computers. Not everyone knows how to do network sharing. they may also physically mail the encrypted USB sticks to people (or pass them around) for whatever reason. Ontario is a big place, and we've got about 13 million people over a large area, so there might be a lot of data moved around snail mail style by people who for whatever reason aren't linked up to a the central physical database.

They may also have data for static analysis. The 'real' data might be updated constantly as pe

Re:

[Sir_Sri]

The local reporting here said it was. I'm not sure who is wrong/lying

Re:

[Em Adespoton]

The data WAS encrypted, so your argument is useless. The poster just chose the wrong links, as the ones linked fail to mention that the data was encrypted.

Re:

[Anonymous Coward]

I find it somewhat amusing that the information for "public figures" is kept private, while for private citizens it is made public.

Re:

[Em Adespoton]

In Canada (and in Ontario), there are specific laws protecting personal information and how it can be stored/used. There is a stricter set of laws aimed at the government, and a laxer set of laws that apply to all businesses and individuals. So while the data is available if you go through the right channels, how you get the information (and the information you need to give up about yourself to get it) is strictly controlled.

Re:

[Striek]

The laptops were not networked and were not connected to the Elections Ontario network, therefore, two USB drives were to be used for the purpose of transferring information amongst the laptops in the facility.

http://www.elections.on.ca/en-CA/AboutUs/Privacy_Breach.htm [elections.on.ca]

Re:

[ThatsNotPudding]

Might be time to require any USB stick used by government officials to be permanently attached to a large iron ball.

Re:

[PolygamousRanchKid]

permanently attached to a large iron ball.

I've got a better idea. How about attaching it to the two balls in the crotch of the user?

No idiot would lose them by leaving them around somewhere, and not be able to find them. But then again, nothing can be made foolproof, because fools are so ingenious.

Once again, humans are the weakest link in the security chain. Now, if you'll excuse me, I need to adjust my shit. My USB stick isn't hanging right . . .

at least the made a public statement...

[acidfast7]

...versus most corps who do not unless forced to.

Ontario region?

[Chonnawonga]

FYI, Ontario is a province. net-security.org should appreciate the value of precision, and /. editors need to edit.

Sincerely, an Ontarian. (Yes, that's a word.)

Re:

[dkleinsc]

/. editors need to edit

You must be new here - that's really expecting far too much.

Re:

[Chonnawonga]

/. editors need to edit

You must be new here - that's really expecting far too much.

Oh, I don't expect them to DO it. I just want them to lose sleep at night.

Re:

[DarthVain]

LOL.... really Ontario Region?

Its just 1,000,000 square km (400,000+ sq miles). Just a little area really....

Ontarioish. Brings new meaning to inaccurate, both in word, and in meaning.

Seriously?

[Zamphatta]

On USB sticks???? What are they doing on USB sticks?!?!? Whoever put that on there, should be fired immediately, no questions asked.

Re:

[Golden Section]

Whoever put that on there, should be fired immediately, no questions asked.

And additionally, companies with such employees should be fined heavily. Only if it costs them much money, only then will this stupidity end. Protocols need to be in place, taught, checked and enforced with consequences.

Encryption

[subreality]

People think I'm paranoid because I encrypt all my drives... but when I lose a disk I never have to wonder if it potentially ended up in the wrong hands. Too bad it's only done by us loonies and not as standard practice everywhere.

Well, I'm Probably On The List

[TheSpoom]

So congratulations to the thief (or finder) for now knowing my birthday and former address.

Re:

[TheSpoom]

In my case, the information is not that valuable. I'm a rather easy person to find, it doesn't include my email address, and the address no longer corresponds to me.

can only be accessed and read by...

[game kid]

The information contained on the two sticks wasn't encrypted and the sticks themselves weren't password-protected - as they should have. Still, it can only be accessed and read by using internal Elections Ontario proprietary software or specialized commercial software applications.

...and the thieves, once they (quickly) figure out how the fields are arranged and stored.

Re:

[GameboyRMH]

Yeah nothing that can't be cleaned up with a hex editor and a small script.

Fuck it

[SilverJets]

I'm going to go out get a bunch of credit, rack it right up, and then claim my identity was stolen. The banks can go after Elections Ontario for the bill.

Re:

[quacking duck]

And if they're successful, your tax dollars goes to the bank.

More importantly, MY tax dollars also go to the bank for your selfishness.

I'll assume you were joking.

"How an individual voted"???

[mark-t]

Why would anyone be remotely concerned about this?

*NOBODY* knows how a given individual voted in Canada, unless that individual tells somebody. They might be able to tell if or when you voted... and of course where you were at when you voted, but there is no possible way, short of doing something that *WILL* get you put under arrest (with a likely prison sentence), knowing how somebody else voted in any federal or provincial election is just not going to happen unless you can get them to tell you. And

Re:

[Pope]

Really, it's like a lot of information that's technically "publicly" available, but scattered among multiple incomplete sources. This leak compiles a lot of that public info into one easy to digest package.

It's like how a lot of property ownership information was "publicly" available, but getting off your ass, down to City Hall, and filing the proper information requests. Once it hits the 'net, the effort needed to access that information en masse drops drastically. Then you can do nefarious things with it.

Re:

[mark-t]

I know.... I'm just surprised that anyone would have figured that how a person voted could have ever hoped to make it into that kind of list.

Why the fsck ?

[Hamsterdan]

Why was that info on a USB stick (for one), and why wasn't that info protected?