A data analytics contractor employed by the Republican National Committee (RNC) left databases containing information on nearly 200 million potential voters exposed to the internet without security, allowing anyone who knew where to look to download it without a password.
“We take full responsibility for this situation,” said the contractor, Deep Root Analytics, in a statement.
The databases were part of 25 terabytes of files contained in an Amazon cloud account that could be browsed without logging in. The leaky account was discovered by researcher Chris Vickery of the security firm UpGuard. The files have since been secured.
Vickery is a prominent researcher in uncovering improperly secured files online. But, he said, this exposure is of a magnitude he has never seen before
“In terms of the disc space used, this is the biggest exposure I’ve found. In terms of the scope and depth, this is the biggest one I’ve found,” said Vickery.
The accessible files, according to UpGuard, contain a main 198-million entry database with names, addresses of voters and an “RNC ID” that can be used with other exposed files to research individuals.