Home Cyber Security News Poorly Configured AWS Cloud Storage by Robocall has exposed Millions of US Voter Records

Poorly Configured AWS Cloud Storage by Robocall has exposed Millions of US Voter Records

by Harikrishna Mekala

RoboCent exposed the data of 4500 clients due to a poorly configured AWS S3 bucket. Employees of the company were working with millions of US voters data. Most of the files were Excel spreadsheets which contained high profile details about specific voters. The data was compiled by state governments which also include name, address, phone number and party affiliation.

Some of the spreadsheets have specific names such as “Fragile Families” and “Meager Metro Means”. There is another estimation of the net worth of the annual income of the individuals. There is also a field which listed the specific hobbies and interests for each voter.

The files were publicly accessible without the need for a password. They were grouped into a lot of buckets for an unknown period of the time. The Misconfigured cloud storage led to the exposure of a number of sensitive records of US voters. There were a total of 102,431,953 files that were exposed to the public internet.

There has been a lot of incidents like this taken place such as voter records of 1.8 million Chicago voters were freely accessible because of a misconfigured AWS Cloud Storage. There are also a lot of companies such as FedEx, Verizon and Time Warner who have suffered the data breach because if the poorly configured AWS S3 storage.

The first bucket has more than 2,600 files according to the co-founder of the RoboCent. The data breach was disclosed by the company on July 15th.

“I believe the public listing on the s3 bucket was turned on instead of turned off,” Trawick said. “It was, pretty honestly, a rookie mistake. We have figured that out and locked it down.” RoboCent has cycled through four developers in five years, he adds, each of whom held varying degrees of responsibility over the company’s data security.

The company has restricted access to both the buckets, Trawick also said the company is currently in the process of moving all the customer assets to a more secure location.

Take your time to comment on this article.

You may also like

Latest Hacking News