In late 2015, a security researcher found voter registration records of 191 million US voters on the Internet. Months later, hackers were found selling those records on several dark web marketplaces. Now, the IT security firm Kromtech has revealed that its researchers discovered a MongoDB database (a popular database management system) containing over 19 million California voters records.
Database Was Left Exposed
The database was left exposed for anyone with an Internet access to view or edit. In the majority of such cases, researchers contact the affected party and inform them about the exposed data, but in this case, Kromtech researchers were unable to identify the owner.
Remember, MongoDB is used by popular organizations such as LinkedIn, MetLife, City of Chicago, Expedia, BuzzFeed, KMPG and The Guardian etc.
Cybercriminals Held Voters Database For Ransom
Since early 2017, hackers have been targeting MongoDB based databases. In this case, according to researchers hackers discovered voters records, took control of it and left a ransom note before deleting the entire database.
The ransom note asked the owner of the database to send 0.2 bitcoin, that is around USD 3,123 (thanks to sudden price hike) to a bitcoin address. However, the fact that cybercriminals erased the database, researchers were unable to conduct a detailed analysis.
Furthermore, the group stated that “your database is downloaded and backed up on our secure servers.” Simply put: the group now holds the database and wants the owner to pay to get it back.
What Data The Database Had
In total, the 4GB database contained 19,264,123 records. As expected, it included highly personal and sensitive data of registered Californian voters such as:[..]
To read the original article:https://www.hackread.com/hackers-steal-california-voter-database-for-ransom/