US Voter Records From 19 States Is Being Sold on a Hacking Forum, Threat Intelligence Firms Say (zdnet.com) 102
Catalin Cimpanu, reporting for ZDNet: The voter information for approximately 35 million US citizens is being peddled on a popular hacking forum, two threat intelligence firms have discovered. "To our knowledge this represents the first reference on the criminal underground of actors selling or distributing lists of 2018 voter registration data," said researchers from Anomali Labs and Intel471, the two companies who spotted the forum ad.
The two companies said they've reviewed a sample of the database records and determined the data to be valid with a "high degree of confidence." Researchers say the data contains details such as full name, phone numbers, physical addresses, voting history, and other voting-related information. It is worth noting that some states consider this data public and offer it for download for free, but not all states have this policy.
The two companies said they've reviewed a sample of the database records and determined the data to be valid with a "high degree of confidence." Researchers say the data contains details such as full name, phone numbers, physical addresses, voting history, and other voting-related information. It is worth noting that some states consider this data public and offer it for download for free, but not all states have this policy.
Duh (Score:5, Insightful)
It is worth noting that some states consider this data public and offer it for download for free
So why not make it clear in your headline what % of the data is not public before getting all excited...
Re: Duh (Score:1)
How the fuck is this public info? Anyone can view your voting history? Is the USA a banana republic?
Re: Duh (Score:5, Informative)
How the fuck is this public info? Anyone can view your voting history? Is the USA a banana republic?
Voter rolls (name and contact info) are public in most states. Additional data available is usually what elections you voted in, and in some states what primary ballot you pulled. These are usually restricted to campaign and other political uses by state law (marketers, not working on political issues, are usually barred from using it, for example).
Note that how you voted (i.e. who you voted for) is not recorded and not part of any record.
Re: (Score:3, Interesting)
The last few election cycles, the Pennsylvania GOP has been targeting democrats and non-voters in Republican heavy areas by sending out threatening letters containing a list of your neighbors, who they registered for, and if they voted, and threatening to send the neighbors similar letters after the election if you don't switch parties and vote.
Re: (Score:2)
Re: (Score:2)
Re: Duh (Score:2)
Shouldn't that be dnc.cn?
Re: (Score:2)
This smells of secret lists and entirely fake voters. Better it remain public, you sneaky fuckers.
Re: (Score:2)
In some states it's public info for free. Others charge. This is partly so political parties know who votes, and partly because it's much easier for third parties to confirm there's no banana republic stuff with the voter rolls.
My current state makes it public record. Here's a link to my city's entire electoral role [cuyahogael...audits.com], including who voted when.
Re: (Score:2)
I recently ran for office...
My state election board offers a spreadsheet of all registered voters and the last 5 dates they voted.
Names, addresses, party, living at each address.
Not who they voted for... just that they voted.
Candidates can use this to target the voters that are most likely to vote in an upcoming primary for example...
There are apps that provide canvasing lists of high value voters.
The R and D parties also have their own lists, likely partly derived from this data.
Re: Duh (Score:4, Insightful)
It is one of the many, many little ways the Republicans and Democrats keep their cosy little duopoly going and prevent the people of the US from having any real choice about who rules them.
Re: (Score:2)
You can also go to the HAVA site to get information from any state or the 3,000 or so counties: http://voterlist.electproject.org/
I would like to make my information private so I stop getting robocalls and massive amounts of flyers for various elections, but the only way to do that is not vote.
Re:Duh - FYI (Score:1)
All run by the same individual, and s/he has a system in place with which someone can get their name(s) removed from the lists.
also offers the raw data files so individuals can build their own systems.
https://arkvoters.com/
https://coloradovoters.info/
https://connvoters.com/
https://delawarevoters.info/
https://flvoters.com/
https://michiganvoters.info/
https://ohiovoters.info/
https://oklavoters.com/
https://rivoters.com/
Re:Duh (Score:5, Funny)
If you're not going to over react, please don't post.
Re: (Score:2)
AC, I so wish I had mod points today...genius!
Re: (Score:2)
"Voting history" does not mean who you voted for, it means which elections you voted in. It is public in every state, altho they generally charge for the records. That's how school board candidates know whether to bother you or not.
Wh you voted for is not retained in any electoral file anywhere.
Re: (Score:2)
The voting data is the interesting part. It tells you how active somebody is (not who they voted for).
They is? (Score:3, Insightful)
Re: (Score:1)
"history" may be misleading (Score:5, Interesting)
Keep in mind, that the "voting history" in the summary is easy to sensationalize. In most cases it only means you were issued a ballot, and possibly for mail-in ballots that you returned it. No state has a history of what actual voting selections were made.
Re: (Score:2, Insightful)
Keep in mind, that the "voting history" in the summary is easy to sensationalize. In most cases it only means you were issued a ballot, and possibly for mail-in ballots that you returned it. No state has a history of what actual voting selections were made.
You hope.
Re: (Score:3)
Keep in mind, that the "voting history" in the summary is easy to sensationalize. In most cases it only means you were issued a ballot, and possibly for mail-in ballots that you returned it. No state has a history of what actual voting selections were made.
You hope.
I know.... Seriously. The "Secret ballot" will remain so and unless you can somehow infer from the precinct results and list of who voted a specific ballot that was cast (Say for instance, EVERY vote cast was the same in a precinct, and YOU voted, so I can determine how you voted). But those situations are extremely rare. If you vote in a precinct where the votes cast isn't unanimous, you are safe from exposure of your unique vote.
Re: (Score:2)
Re: (Score:2)
Yes, I'm pretty sure about this, no I don't have the data.
IF you want to prove this assertion wrong, go GET the data and do it. However, the law of this country is pretty clear on this so if you find information on actual votes cast by an individual, any individual, a crime has been committed that needs to be investigated and somebody needs to be charged and convicted for it.
Now I've not seen anybody charged for this kind of thing and you know it would be HUGE news if it happened, so I'm about as sure of
Re: "history" may be misleading (Score:4, Informative)
I know. I am an election official in Virginia. We're not idiots. Of course your vote is private.
Re: (Score:3)
Re: (Score:3)
Your identifying data isn't anywhere on the ballot or machine.
In a vote-by-mail state, your identifying data is on the envelope that contains your ballot. You TRUST that the election officials do not enter this data when they scan your ballot --- it is in a machine readable format so could be OCRd easily.
This is the system that Wyden wants implemented for the entire country.
When I voted in a "show up and vote on a paper ballot" system, there was a strip of paper on each ballot that contained the ballot number, which was recorded in the electoral rolls when it was gi
Re: (Score:3)
Re: (Score:2)
The mail in envelopes are opened under supervision of election judges from both parties,
Which is why I said that you have to trust that they don't record the information. All of the description you provided is how they operate so that they create this trust.
As for the ballot ID, as you said, it was removed from the ballot before being counted.
No, it was removed from the ballot before it was mixed into the box with the other ballots, and I saw it happen with my own eyes. Counting took place after the polls closed. If they had waited until "before counting" then I would have to trust that it was being done.
Do you not understand the difference between "know" and "trust"?
Re: (Score:2)
The mail in envelopes are opened under supervision of election judges from both parties,
Which is why I said that you have to trust that they don't record the information. All of the description you provided is how they operate so that they create this trust.
As for the ballot ID, as you said, it was removed from the ballot before being counted.
No, it was removed from the ballot before it was mixed into the box with the other ballots, and I saw it happen with my own eyes. Counting took place after the polls closed. If they had waited until "before counting" then I would have to trust that it was being done.
So they counted them before they mixed them? Otherwise, pretty sure I'm still correct. Also do you not trust yourself? You witnessed it.
Do you not understand the difference between "know" and "trust"?
Just like you have to trust the local coffee shop not to serve everyone cyanide, or your mailman to not plant bombs in your mailbox. The odds of recording your vote info from either of the scenarios you mention is astronomically small. It's because we don't trust them that checks are put in place. If you can't trust anyone, well, you're screwed anyway. It would require vas
Re: (Score:2)
No, it was removed from the ballot before it was mixed into the box with the other ballots, and I saw it happen with my own eyes. Counting took place after the polls closed. If they had waited until "before counting" then I would have to trust that it was being done.
So they counted them before they mixed them? Otherwise, pretty sure I'm still correct. Also do you not trust yourself? You witnessed it.
I said they count them AFTER THE POLLS CLOSE, which is long after the ballots are put into the box. How you get "before they mixed them" from "after the polls close" I do not know, but it has to be either a complete lack of reading comprehension or a deliberate attempt at misinterpreting what I actually said.
Yes, pedantically, the strip is removed "before being counted", but that's only because the strip is removed before the ballot goes into the box. Just "before being counted" implies that it is removed
Re: (Score:2)
Re: (Score:2)
There is no realistic way for anyone to connect someone to a particular ballot much less create a database of how everyone voted.
It is easy to do that. You take the incoming envelope and scan it on one system to bring up the stored signature on the display to validate it. You press OK. You remove the ballot from the "secrecy envelope" and scan it on another system. Oops, the systems are interconnected behind the scenes so a data collector can collect your ID from the first system and then how you voted from the second.
I am NOT saying that this happens. I'm only pointing out that it is quite possible to do this.
Vote by mail is far more secure than polling place balloting.
Bullshit. First, you
Everything is a "hack" now. (Score:5, Interesting)
"US Voter Records From 19 States Is Being Sold on a Hacking Forum...It is worth noting that some states consider this data public and offer it for download for free, but not all states have this policy."
Why am I willing to bet that 19 states do have this policy, turning this "hacking" story into nothing more than clickbait?
We used to get pissed when "hacking" was mislabeled or misunderstood. Now we're just pissed that no one has a fucking clue what a hack is anymore because everyone is labeling every stupid little thing as hacking. Found a shortcut to work? You "hacked" your commute. Used a microwave instead of the stove? You "hacked" your dinner prep. Downloaded free public information? You "hacked" the voting public.
Enough of the "hacking" shit already.
Re: (Score:2)
Re: (Score:3)
Well everything is "AI" now, so this fits in. I am developing a "hacking AI". It scans networks looking for vulnerabilities. Totally innovative. I call it nmap.
I'm developing a hacking tool that trains AI with machine learning to break blockchains. And it has a VR/AR UI.
Re: (Score:2)
Re: (Score:3)
Well everything is "AI" now, so this fits in. I am developing a "hacking AI". It scans networks looking for vulnerabilities. Totally innovative. I call it nmap.
I'm developing a hacking tool that trains AI with machine learning to break blockchains. And it has a VR/AR UI.
Phtttt. Unless you're creating a gooey interface in Visual Basic, you ain't hacking shit.
Re: (Score:2)
I think you mean you used R with the AI packages.
Re: (Score:2)
...AI ...machine learning ...blockchains. ...VR/AR UI.
SHUT UP AND TAKE MY MONEY
Re: (Score:2)
Re: (Score:2)
Oh boy, really?
Where I have no idea what the facts actually are here, I'm going to make two guesses (let me know if I'm wrong.)
1. Brian Kemp is ahead in the race.
2. There is a legal reason each these registrations have been held up/rejected which is clearly defined in the laws of Georgia.
As to the allegations of being a child abuser, these need to be investigated by the police. If there is sufficient evidence to charge he needs to be charged, otherwise, this is nothing more than political mud slinging by
Re: (Score:2)
Kemp is not especially ahead in the race. Both candidates are around 46 percent in the latest polls.
The bit about holding a gun on a kid is a claim related to a TV ad Kemp himself aired. He had a shotgun on his lap and a kid, apparently the boyfriend of one of Kemp's daughters, in an adjacent chair. All of this was in Kemp's own ad and isn't disputable.
The claim is that he pointed the gun at this boy and that equals child abuse. He did not point the gun AT the boy in the ad that aired. It was pointed
Re: (Score:2)
No need to worry (Score:3)
No need to worry. I have marked them all deceased and returned them to their source.
Re: (Score:2)
These are voter records, not voting history.
This is often your name and your address, which polling place you are registered at. Perhaps additional info, such as your age, and perhaps your signature, or picture.
However with this info + with general election results from a polling station. You can probably get a good picture on who to target and with what.
If you live in an area that voted 90% republican in your polling location, and it knows that you voted at that location. Then chances are you had voted re
Re: (Score:2)
In states with party registration your registration is also in the public voter file. If they've got voter history they also generally get which years you voted in the primaries, which will give anyone who knows the state's politics a very good way to figure out which way you lean.
heavy red states (Score:2)
I wonder why that is?
In addition, the DBs are from this year due to updating. That means they have plenty of backdoors in the systems.
I hope that you red states can afford to have your ID and credit stolen.
Perhaps, you will finally back E-verify for real on all businesses.
Re: (Score:2)
That means they have plenty of backdoors in the systems. .
Backdoors? You can just go download it from many states. It's not considered private info. When I was involved with local politics I used to download the county records several times a year, straight from the county clerk's website. No login or anything. Just a pinky-swear and threat of prosecution if you used it for unauthorized purposes (like non-political marketing).
diagram the headline sentence (Score:2)
records are. record is.