A marketing company working for the Republican National Committee accidentally left sensitive personal details of almost 62 per cent of the US population exposed – reportedly the largest breach of electoral data in the US to date.
Along with information on about 200 million US citizens’ home addresses, birthdates, phone numbers and political views, the information also included analyses used by political groups to predict where individual voters fall on controversial issues such as gun ownership, stem cell research and the right to an abortion.
The data was available on a publicly accessible Amazon cloud server and could be accessed and downloaded by anyone who had a link.
The information appears to have been collected from a variety of sources, such as posts on the social network Reddit and committees that raised money for the Republican party.
Stored in spreadsheets uploaded to the server owned by Deep Root Analytics, the huge cache of data was discovered last week by Chris Vickery, a cyber-analyst with the security company UpGuard.
“We take full responsibility for this situation. Based on the information we have gathered thus far, we do not believe that our systems have been hacked,” Deep Root founder Alex Lundry told technology website Gizmodo.
“Since this event has come to our attention, we have updated the access settings and put protocols in place to prevent further access.”
The information had apparently been last updated in January when Donald Trump was inaugurated as President. It is uncertain how long the data was able to be accessed.
“That such an enormous national database could be created and hosted online, missing even the simplest of protections against the data being publicly accessible, is troubling,” noted UpGuard’s Dan O’Sullivan.
“The ability to collect such information and store it insecurely further calls into question the responsibilities owed by private corporations and political campaigns to those citizens targeted by…