Huge and crucial voter data that includes voters’ personal information and voter profiling data of all registered American voters the past ten years has been discovered on an exposed and unsecured server, in what is believed to be the largest ever known exposure of voter information.
Various databases containing 198 million records on American voters from all political parties were discovered stored on an open Amazon S3 storage server which is owned by Deep Root Analytics, a Republican data analytics firm.
Chris Vickery, an UpGuard cyber risk analyst, discovered the exposed server, and verified the data. Through his immediate and responsible disclosure, the server was secured last week, before it got published.
The leak shows Republicans’ multi-million-dollar effort to better understand and target potential voters by using big data. The move is seen inspired by the success of Barack Obama’s 2008 campaign, generally-believed to be the first data-driven campaign. Impressively, the GOP replicated that 2008 Obama campaign strategy by helping its candidates make huge decisions about their campaigns based on data through utilizing many companies including data firms, market researchers, and analytics providers.
The exposed data includes a voter's name, date of birth, home address, phone number, and voter registration details, such as which political party a person is registered with. The data also includes "profiling" information, millions of voter's ethnicity and religions, and various other kinds of information relevant to a voter's political persuasions and preferences – helpful information for political advertising. There was also information that rate voters on their likelihood of supporting particular policies after the election.
Some of the data are also used by relevant groups to decide on matters of political television advertising.
Some information contained in the files can also allow prospective Republican candidates and their committees to target pro-trade Republicans who might vote blue, and Democrats who want tighter immigration controls who can be convinced to vote red.
The Amazon S3 storage server is owned by Deep Root and its co-founder Akex Lundry said in an email that company has taken "full responsibility for this situation."
He said: “Since this event has come to our attention, we have updated the access settings and put protocols in place to prevent further access. We accept full responsibility, will continue with our investigation, and based on the information we have gathered thus far, we do not believe that our systems have been hacked.”