Picture: Lorie Shaull (CC BY 2.0 DEED)
The District of Columbia Board of Elections (DCBOE) is presently probing an information leak involving an unknown variety of voter data following breach claims from a risk actor referred to as RansomedVC.
DCBOE operates as an autonomous company inside the District of Columbia Authorities and is entrusted with overseeing elections, managing poll entry, and dealing with voter registration processes.
Its investigation into the claims has revealed that the attackers accessed the data by way of the net server of DataNet, the internet hosting supplier for Washington D.C.’s election authority.
Notably, the breach didn’t contain a direct compromise of DCBOE’s servers and inside programs.
“On 10/5, DCBOE turned conscious of cybersecurity incident involving DC voter data. Whereas the incident stays beneath investigation, DCBOE’s inside databases & servers weren’t compromised,” the company mentioned.
In shut cooperation with MS-ISAC’s Laptop Incident Response Group (CIRT), DCBOE took down its web site and changed it with a upkeep web page to comprise the state of affairs after figuring out it because the supply of the breach.
For the reason that discovery of the incident, the election board labored with information safety specialists, the Federal Bureau of Investigation (FBI), and the Division of Homeland Safety (DHS) to conduct a complete safety evaluation of its inside programs.
Moreover, DCBOE initiated vulnerability scans throughout its database, server, and IT networks to establish potential safety points that may have facilitated the attackers’ entry to the stolen data.
Stolen information up on the market on the darkish net
RansomedVC alleges that the latest incident resulted within the theft of over 600,000 traces of U.S. voter information, encompassing data of D.C. voters.
“Now we have efficiently breached the District of Columbia Board Of Elections and have gotten greater than 600k traces of USA Voters,” the risk actor says.
The stolen data is presently being provided on the market on the risk actor’s darkish net leak website, however the actual worth is undisclosed.
As verification of the information’s authenticity, RansomedVC has supplied a single report containing what it claims to be the private particulars of a Washington D.C. voter.
This dataset contains the person’s identify, registration ID, voter ID, partial Social Safety quantity, driver’s license quantity, date of beginning, cellphone quantity, e-mail, and extra.
“It must be famous that within the District of Columbia, some voter registration data-such as voter names, addresses, voting data, and social gathering affiliation-is public data, until it has been made confidential in accordance with District of Columbia guidelines and laws,” the Washington election authority mentioned in its assertion.
Nevertheless, election authorities don’t present entry to confidential data corresponding to voters’ contact data and SSNs.
RansomedVC instructed DataBreaches.internet, who first reported the information leak on Thursday, that the stolen voter data can be offered to a single purchaser.
Identified for controversial claims
Whereas RansomedVC has claimed the breach and is now promoting the information on their leak website, an nameless supply instructed BleepingComputer on October third that DCBOE’s stolen database was first put up on the market on the BreachForums and Sinister.ly hacking boards by a person named pwncoder (these posts have since been deleted).
As BleepingComputer was instructed, the information was dumped from a stolen MSSQL database and contained the data of greater than 600,000 D.C. voters.
Latest claims made by RansomedVC to have breached Sony’s programs and stolen over 260GB of recordsdata (with a 2MB leaked archive as proof) have been disputed by one other risk actor who identifies as MajorNelson.
The latter social gathering launched a 2.4 GB archive of recordsdata on BreachForums, allegedly taken from Sony’s programs.
Whereas the information shared by these attackers appears linked to Sony, BleepingComputer couldn’t independently validate the authenticity of both social gathering’s claims.
