INSUBCONTINENT EXCLUSIVE:
A massive trove of voter records containing personal information on millions of Texas residents has been found online.
The data — a single
file containing an estimated 14.8 million records — was left on an unsecured server without a password
Texas has 19.3 million registered voters.
It the latest exposure of voter data in a long string of security incidents that have cast doubt
on political parties& abilities to keep voter data safe at a time where nation states are actively trying to influence elections.
TechCrunch
obtained a copy of the file, which was first found by a New Zealand-based data breach hunter who goes by the pseudonym Flash Gordon
It not clear who owned the server where the exposed file was found, but an analysis of the data reveals that it was likely originally
compiled by Data Trust, a Republican-focused data analytics firm created by the GOP to provide campaigns with voter data.
Chris Vickery,
director of cyber risk research at security firm UpGuard, analyzed a portion of the data
(It was Vickery who found a larger trove of 198 million voter records last year exposed by a similar data firm Deep Root Analytics, which
sourced much of its data from Data Trust.)
A spokesperson for Data Trust declined to comment on the record.
The file — close to 16
gigabytes in size — contained dozens of fields, including personal information like a voter name, address, gender and several years& worth
of voting history, including primaries and presidential elections.
Granted, much of that data is public
According to The Texas Tribune, that kind of voter data in Texas is already obtainable for a fee, but information relating to individuals&
political affiliations and party memberships is not
Sam Taylor, communications director for the Texas secretary of state, told TechCrunch in an email that certain data points — like Social
Security numbers — are also excluded, and the voter data cannot be used for commercial purposes, like advertising.
But data-driven
political firms like Data Trust use the data for political purposes, specializing in supplementing those voter profiles with information
that might help a campaign to flip a person who might not vote for a Republican candidate at the ballot box.
That where this file fills in
the gaps with dozens of other fields, which can be used by campaigns to position their political messaging.
For example, the data includes
fields that might score an individual believed views on immigration, hunting, abortion rights, government spending and views on the Second
Amendment.
Other fields were more relevant to the recent 2016 presidential election, in which the data predictively scored individuals on if
they ''trust& or have &no trust& for then-Democratic candidate Hillary Clinton.
The data also includes additional personal information, such
as a person phone numbers and their ethnicity and race.
It not known exactly when the data was compiled, but an analysis of the data
suggests it was prepared in time for the 2016 presidential election
It also not known if the file is a subset of the 198 million records leak last year — or if it a standalone data set.
Without an owner to
inform of the exposure, it unclear if the data is still online.
