Mexico's Entire Voter Database Made Accessible on Internet
Source: Scientific American
Mexico's Entire Voter Database Made Accessible on Internet
Mexican authorities say all 87 million voters addresses and other details were left open to public view without a password
By Adam Tanner on April 22, 2016
The names and addresses of all 87 million Mexican voters were accessible on the Internet until early Friday, when authorities took action after a Texas-based security researcher alerted them to the vulnerability, Mexican election officials say. It is unclear when the list first became open to public view.
Chris Vickery, a Texan who said he found in December that he could view records on 191 million American voters, told Mexican authorities last week that anyone could view the Mexican voter information hosted on the cloud-computing site Amazon Web Services. The data lacked even the most basic security precautions such as a password, Vickery told the authorities.
Amazon Web Services did not immediately respond to telephone and email requests for comment Friday, but its website says it is up to customers to oversee the security of their stored data. While AWS manages security of the cloud, security in the cloud is the responsibility of the customer, the company writes. Customers retain control of what security they choose to implement to protect their own content, platform, applications, systems and networks, no differently than they would for applications in an on-site datacenter.
The fact that this database is published to the public, it is not just a criminal offense, it is a national offense, says Lorenzo Cordova Vianello, president of the Mexican National Electoral Institute, the body that organizes federal elections in Mexico. In a statement issued Friday, the Institute says it has filed a criminal complaint about the case with Mexicos Special Prosecutor's Office for Electoral Crimes (FEPADE) and has notified the national cyber police.
Read more: http://www.scientificamerican.com/article/mexico-s-entire-voter-database-made-accessible-on-internet/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ScientificAmerican-News+%28Content%3A+News%29
silvershadow
(10,336 posts)What are we doing about this, or any other type of internet "thing"? Nothing. Nada. Zilch. Close the barn door after the horse gets out.
muriel_volestrangler
(101,321 posts)The article links to this:
An independent computer security researcher uncovered a database of information on 191 million voters that is exposed on the open Internet due to an incorrectly configured database, he said on Monday.
The database includes names, addresses, birth dates, party affiliations, phone numbers and emails of voters in all 50 U.S. states and Washington, researcher Chris Vickery said in a phone interview.
Vickery, a tech support specialist from Austin, Texas, said he found the information while looking for information exposed on the Web in a bid to raise awareness of data leaks.
Vickery said he could not tell whether others had accessed the voter database, which took about a day to download.
http://www.reuters.com/article/us-usa-voters-breach-idUSKBN0UB1E020151229
We had a few DU threads on it:
http://www.democraticunderground.com/10141298403
http://www.democraticunderground.com/10027479238
http://www.democraticunderground.com/10027479973
http://www.democraticunderground.com/10027480315