A voter registration agency lost the data, compromising the confidential information of thousands of Americans, including social security numbers and driver’s licences.
Cyber Attack Details
This month, the District of Columbia Board of Elections (DCBOE) disclosed that a data breach compromised its complete voter registration systems, enabling unauthorised access and disclosure of individual identities by hackers.
Hacker’s Activities and Data Compromise
600,000 lines of data, including DC voter records, were accessed by the cybercrime group RansomVC, which is now selling the information on the dark web.
Response and Future Steps
DCBOE has stated that it is collaborating with federal agencies such as the Federal Bureau of Investigation (FBI) and Homeland Security to resolve the issue. However, the agency has not disclosed the severity of the breach.
The data intrusion occurred on October 5, during which RansomVC gained access to DataNet’s web server, according to a press release issued by DCBOE on October 6.
Aftermath and Prevention
DCBOE also disclosed that the compromised information originated from voters who participated in its canvassing procedure between August 9, 2019, and January 25, 2022.
However, the agency asserts that the breach affected fewer than 4,000 electors.
Although the majority of the compromised data consists of publicly available details like addresses and political affiliations, hackers were able to deduce fragmentary social security numbers and driver’s licences, which is sufficient information to establish an individual’s identity.
“Once reviewed internally, DCBOE will disclose the precise nature of the accessed voter information and contact those affected,” the board said in a statement.
KnowBe4’s data-driven defense evangelist Roger Grimes commented on the possibility that intrusions of this nature could facilitate additional criminal activity.
Grimes stated, “As always, these types of data breach incidents enable malicious actors to create more targeted spear-phishing emails in which potential victims are contacted by a sender posing as a legitimate contact.”
“By including stolen information, the attacker can appear more legitimate than they would be if they had not obtained the stolen data.”
Spear-phishing emails have a significantly higher likelihood of compromising potential victims compared to generic phishing emails that do not contain any private information about the target.
The DCBOE stated that it will soon contact all registered electors and collaborate with the cybersecurity consulting firm Mandiant on the following steps.
The agency has announced that it is secure for residents of the District of Columbia to register to vote despite the temporary closure of its website.