Slashdot Mirror


2.4 Million Ontario Voters' Private Info Compromised

An anonymous reader writes "Elections Ontario, an agency tasked with the organization and conduct of general elections and by-elections in Canada's Ontario region, is warning voters about the loss and potential theft of two USB sticks containing private information of 2.4 million voters from approximately 20–25 electoral districts. The information at issue is limited to full name, gender, birth date, address, whether or not an elector voted in the last provincial election and any other personal information updates provided by voters to Elections Ontario during that time, as well as administrative codes used solely for election purposes. The information does not include how an individual voted."


  1. So what? by busyqth · · Score: 1

    Doing everything electronically and "on the net" is of such overwhelmingly critical importance that the loss of a few million voter records is of little interest to any civilized human being.
    Just imagine if we had to go back to pencil and paper! The barbarism! *SHUDDER*

    1. Re:So what? by Anonymous Coward · · Score: 4, Informative

      If you've ever seen the way Canadian elections are handled, you'd know just how difficult that is to do. The steps involve a non-neutral representative from each party watching the ballot box, along with multiple neutral Elections Canada employees watching it. All these people must be present whenever a vote is cast into the box, or if the box is moved (in my case, I had to walk to the hallway as a disabled person wished to vote and there were stairs leading to the voting area). All votes themselves are done completely secretly.

      The box is opened with all these people watching and every single vote is counted aloud and all representatives may complain if they see a vote they aren't happy with (not marked properly, forged, stuffed box, etc). We all get to watch each voter enter and get crossed off the list as they vote. The number of votes must match what we all saw. Once the votes are tallied (or someone complains from the group about a vote) a special cellphone only to be used for the election is used on speakerphone to call in the results in front of all of us.

      The box is then taped up with special security tape and driven directly to a secure storage location.

      The only way to have any tampering would be for all involved parties to be corrupt. That would be odd co-operation since all involved parties (other than Elections Canada) don't like each other.

    2. Re:So what? by Desler · · Score: 1

      You mean loss of records that anyone could already obtain since they are part of public record?

    3. Re:So what? by SomePgmr · · Score: 1

      Well sure, those kinds of things have happened... though I'd be surprised if 2.4m people worth of paper records were lifted all at once. I'm not-so-surprised with electronic records on a thumb drive. That can fall out of your pocket in the parking lot.

    4. Re:So what? by Anonymous Coward · · Score: 1

      I wanted to start my response with "Are you stupid?" but instead I'll start with the following paragraph.

      Paper voting can be monitored at every stage by representatives of all parties and by apolitical observers. In the UK, that's exactly what happens - from the carrying/opening of the ballot box to the count to the recording of results. There are people standing around watching everything who can and will raise merry hell if anything appears to be wrong.

      You simply can't get this level of auditing with electronics: the equivalent would be lots of tallying/auditing software provided by different groups, all continually checking the system. Then you'd have to trust the hardware vendor, and so on. And for what benefit? A few more hours to count? No thanks. Luddism is the rejection of tech per se, not the rejection of tech when it is inappropriate.

    5. Re:So what? by busyqth · · Score: 1

      You mean loss of records that anyone could already obtain since they are part of public record?

      Yes I mean those. Exactly those. And no others.

    6. Re:So what? by Mashiki · · Score: 2

      In Canada we pretty much do everything by pencil and paper. What this is though is the register of voters of who's eligible to vote by district. There are places where you can vote by electronic machine, but most people don't use them, they don't like them. It's pretty simple and straightforward.

      How it works is like this:
      In Canada when you file your taxes, you get the option of allowing Revenue Canada to send your personal information (DOB, name and address) to Elections Canada and in the regional office for Elections Canada for the voting registry. This is then used to compile the voter registration database. You can refuse, there's no problem with that. You just show up on election day and they update the register then. You'll have to show Government issued photo ID, and two bills within the last 30 days that have your name and address on it. Then you can vote. Also, if you vote, you must show photo ID. This photo ID is matched with the register book.

      If you move, your name appears on the original register still. But you can vote in your new district. The new district will often call your old district to have your name removed before allowing you to vote at your new one. Honestly, and to the point, I can't figure out what the big hoopla in the US over voter ID is about anyway. But maybe that's beside the point.

      --
      Om, nomnomnom...
    7. Re:So what? by Em+Adespoton · · Score: 1

      Well sure, those kinds of things have happened... though I'd be surprised if 2.4m people worth of paper records were lifted all at once. I'm not-so-surprised with electronic records on a thumb drive. That can fall out of your pocket in the parking lot.

      ...of course, the drives were encrypted, so this isn't much of a story. Since it could fall out of your pocket in the parking lot, they took precautions.

      Strange thing is, I don't see this mentioned in the linked articles or anywhere on here.

  2. Private? by Lev13than · · Score: 4, Interesting

    Sounds like the same "private" information that every candidate and party has access to during the election campaign and on election day. Not sure about the birth date, but everything else is definitely on the voter registration and tracking printouts used by poll clerks and by party scrutineers during the election.

    --
    When you have nothing left to burn you must set yourself on fire
    1. Re:Private? by Mike+Van+Pelt · · Score: 1

      That was what I was thinking. When I ran for a local office and did some precinct walking back in 1992, I got a printout (fan-fold, green-lined line printer output) with this information. I don't recall what it cost, but it wasn't that much.

  3. In Other News, Phone books missing by retroworks · · Score: 5, Funny

    I'm almost as alarmed by the sense of alarm. This sounds like harmless information. A ten year old hard drive is not the same as losing your current laptop, and being tagged in a Facebook photo is not as dangerous as having your social security information compromised. Maybe we should distribute useless USB sticks filled with past telephone book listings just to keep identity thieves busy.

    --
    Gently reply
    1. Re:In Other News, Phone books missing by Sir_Sri · · Score: 1

      encrypted

      USB sticks

      you missed an important part.

    2. Re:In Other News, Phone books missing by pluther · · Score: 1

      ...and being tagged in a Facebook photo is not as dangerous as having your social security information compromised.

      It could be worse, depending.

      Having your SSN compromised can be fixed through filling out some forms, paying some fees, and forwarding a few dozen letters to wishful creditors.

      But whenever a new HR department googles you and finds that one picture...

      --
      If the masses can keep you down, you're not the Ubermensch.
    3. Re:In Other News, Phone books missing by EdIII · · Score: 1

      While you are attempting to make light of it, there are rather serious concerns:

      The information at issue is limited to full name, gender, birth date, address, whether or not an elector voted in the last provincial election and any other personal information updates provided by voters

      Physical address is concerning. Not everyone wants that listed and has trust that the government, who ostensibly needs that information, will protect it. Yes, it could matter. Plenty of people are harassed, have sensitive jobs (law enforcement, abortion doctors, etc.), and have quite valid reasons to wish for some privacy and anonymity. Both of which are basic human rights that no government should be able to violate in the first place for any reason. That is arguable of course, but complete public dissemination of where citizens sleep is not something I would call "popular".

      Whether or not a person voted is information that can be used against them, and more than likely could result in increased harassment from political parties seeking to gain power. It's like putting blood in the water for sharks. Moreover, the fact that you did not vote is not information that is any less sensitive than who you may have voted for.

      Personal information updates is just wide open. You can't make a claim either way about the sensitivity of that information, and dismissing it out of hand is baseless.

      The real concern is the security practices of Elections Ontario. I think it is the state of Massachusetts (?) that levies hefty fines for any corporations or organizations that let information out like this.

      There is no excuse either. It's patently ridiculous to have that much sensitive information on USB sticks for fuck's sake. Their CTO, and those directly responsible for the USB sticks should be fired and fined, or laws created to allow them to be heavily fined.

      I know regulations are not exactly popular around Slashdot, but any agency or corporation that deals with that much information should be required to go through some information security courses or something. I'm sure we could all write pages and pages here about best security practices that would have greatly mitigated this event.

    4. Re:In Other News, Phone books missing by mlts · · Score: 1

      From the TFA, the USB stick was not encrypted.

      This in itself is pure stupidity. You can buy USB flash drives with hardware AES encryption on the cheap. Even the more expensive drives that are physically tamper resistant like the IronKey are not that pricy.

      As for software locking, BitLocker comes with Windows 7, and TrueCrypt is available at no charge.

      There is no excuse for unencrypted USB drives, none.

    5. Re:In Other News, Phone books missing by mcgrew · · Score: 1

      Physical address is concerning.

      For a hundred years, almost everyone's address was published in a printed book that came out yearly. It was opt-out, and to keep your name off the list you had to pay extra for the unlisted phone number.

      Plenty of people are harassed, have sensitive jobs (law enforcement, abortion doctors, etc.)

      If you're being harassed, you go to the courthouse and get an order of protection. If you're a cowardly wimp, law enforcement may not be the ideal line of work for you. If you're an abortion doctor, you're in more danger from a drunk driver than a crazy anti-abortion murderer.

      Whether or not a person voted is information that can be used against them

      In Illinois it's a matter of public record whether or not you voted, and if you vote in the primary, so is the party you chose to vote in.

      It's patently ridiculous to have that much sensitive information on USB sticks

      That goes without saying.

    6. Re:In Other News, Phone books missing by Em+Adespoton · · Score: 1

      The TFA didn't say the stick wasn't encrypted -- it just failed to mention the fact that it was... and yes, it was. Other articles available on google go into much more detail.

      And yes, there is no excuse for unencrypted PII on USB drives.

  4. What is this info doing on USB-sticks? by santax · · Score: 4, Insightful

    What would be a valid reason to put that much info on 2 USB sticks, besides wanting to sell it or altogether being too darn lazy to even think about security and consequences? Anyone?

    1. Re:What is this info doing on USB-sticks? by Sir_Sri · · Score: 2, Insightful

      Moving data between computers. Not everyone knows how to do network sharing. They may also physically mail the encrypted USB sticks to people (or pass them around) for whatever reason. Ontario is a big place, and we've got about 13 million people over a large area, so there might be a lot of data moved around snail mail style by people who for whatever reason aren't linked up to the central physical database.

      They may also have data for static analysis. The 'real' data might be updated constantly as people change addresses and so on, which is fine, but if you want to analyze voting patterns, say related to an investigation of robocalling (http://en.wikipedia.org/wiki/Robocall_scandal), you need the data preserved as it applied to a particular point in time.

    2. Re:What is this info doing on USB-sticks? by Striek · · Score: 1

      The laptops were not networked and were not connected to the Elections Ontario network, therefore, two USB drives were to be used for the purpose of transferring information amongst the laptops in the facility.

      http://www.elections.on.ca/en-CA/AboutUs/Privacy_Breach.htm

      --
      "Government is like fire; a handy servant, but a dangerous master." -- George Washington
    3. Re:What is this info doing on USB-sticks? by Anonymous Coward · · Score: 1

      I find it somewhat amusing that the information for "public figures" is kept private, while for private citizens it is made public.

    4. Re:What is this info doing on USB-sticks? by ThatsNotPudding · · Score: 1

      Might be time to require any USB stick used by government officials to be permanently attached to a large iron ball.

    5. Re:What is this info doing on USB-sticks? by PolygamousRanchKid+ · · Score: 1

      permanently attached to a large iron ball.

      I've got a better idea. How about attaching it to the two balls in the crotch of the user?

      No idiot would lose them by leaving them around somewhere, and not be able to find them. But then again, nothing can be made foolproof, because fools are so ingenious.

      Once again, humans are the weakest link in the security chain. Now, if you'll excuse me, I need to adjust my shit. My USB stick isn't hanging right . . .

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    6. Re:What is this info doing on USB-sticks? by Em+Adespoton · · Score: 1

      In Canada (and in Ontario), there are specific laws protecting personal information and how it can be stored/used. There is a stricter set of laws aimed at the government, and a laxer set of laws that apply to all businesses and individuals. So while the data is available if you go through the right channels, how you get the information (and the information you need to give up about yourself to get it) is strictly controlled.

  5. at least they made a public statement... by acidfast7 · · Score: 2

    ...versus most corps who do not unless forced to.

  6. Re:Private information? by Sir_Sri · · Score: 1

    Why would you include date of birth?

    Political campaigns can know your name (maybe just first name), address and whether or not you voted and they can reasonably conclude gender most of the time from first name.

    But ya, overall that information is pretty public (except whether or not you voted). You're in any of the phone book, land registries, employer office parties, condo corporations etc.

  7. Re:Private information? by Cabriel · · Score: 2

    To ensure the person is of voting age?

  8. Ontario region? by Chonnawonga · · Score: 3, Informative

    FYI, Ontario is a province. net-security.org should appreciate the value of precision, and /. editors need to edit.

    Sincerely, an Ontarian. (Yes, that's a word.)

    1. Re:Ontario region? by dkleinsc · · Score: 1

      /. editors need to edit

      You must be new here - that's really expecting far too much.

      --
      I am officially gone from /. Long live http://www.soylentnews.com/
    2. Re:Ontario region? by Chonnawonga · · Score: 1

      /. editors need to edit

      You must be new here - that's really expecting far too much.

      Oh, I don't expect them to DO it. I just want them to lose sleep at night.

    3. Re:Ontario region? by DarthVain · · Score: 1

      LOL.... really Ontario Region?

      It's just 1,000,000 square km (400,000+ sq miles). Just a little area really....

      Ontarioish. Brings new meaning to inaccurate, both in word, and in meaning.

  9. Re:Private information? by Desler · · Score: 1

    Date of birth information is part of public record, too. You didn't actually think your DoB was secret, did you?

  10. Seriously? by Zamphatta · · Score: 2

    On USB sticks???? What are they doing on USB sticks?!?!? Whoever put that on there, should be fired immediately, no questions asked.

    1. Re:Seriously? by Golden+Section · · Score: 1

      Whoever put that on there, should be fired immediately, no questions asked.

      And additionally, companies with such employees should be fined heavily. Only if it costs them much money, only then will this stupidity end. Protocols need to be in place, taught, checked and enforced with consequences.

      --
      Nostalgia isn't what it used to be.
  11. Encryption by subreality · · Score: 3, Insightful

    People think I'm paranoid because I encrypt all my drives... but when I lose a disk I never have to wonder if it potentially ended up in the wrong hands. Too bad it's only done by us loonies and not as standard practice everywhere.

  12. Well, I'm Probably On The List by TheSpoom · · Score: 3, Insightful

    So congratulations to the thief (or finder) for now knowing my birthday and former address.

    --
    It's better to vote for what you want and not get it than to vote for what you don't want and get it.
    - E. Debs
    1. Re:Well, I'm Probably On The List by TheSpoom · · Score: 1

      In my case, the information is not that valuable. I'm a rather easy person to find, it doesn't include my email address, and the address no longer corresponds to me.

      --
      It's better to vote for what you want and not get it than to vote for what you don't want and get it.
      - E. Debs
  13. can only be accessed and read by... by game+kid · · Score: 3, Insightful

    The information contained on the two sticks wasn't encrypted and the sticks themselves weren't password-protected - as they should have. Still, it can only be accessed and read by using internal Elections Ontario proprietary software or specialized commercial software applications.

    ...and the thieves, once they (quickly) figure out how the fields are arranged and stored.

    --
    You can hold down the "B" button for continuous firing.
    1. Re:can only be accessed and read by... by GameboyRMH · · Score: 1

      Yeah nothing that can't be cleaned up with a hex editor and a small script.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
  14. Re:Private information? by cygnwolf · · Score: 1

    Age and if you even bother to vote are important demographics. Someone in the 20-25, 'college age' group likely has different things that are important to them than say, someone who is in the 55-60 age group. A USA example would be social security. Very few 20-somethings that I know are even remotely concerned with it. On the other hand, someone who is 60 is already likely to be facing the choice to retire at 62 or hold out till 65. (I know, TFA was about our northern neighbors, but I'm sure there's a similar example for people who are more familiar with Canadian social programs). So that would definitely be a reason why they would be INTERESTED in date of birth. Now, if that should be considered publicly available info is up for debate.

    --
    Free Pie! The Pie is Also Evil!
  15. Re:Private information? by realityimpaired · · Score: 1

    Now, if that should be considered publicly available info is up for debate

    It's a matter of public record.

    http://www.ontario.ca/en/ontgazette/STEL01_033657.html
    http://www.gazette.gc.ca/index-eng.html

    Each province has their own equivalent of the Gazette. If you know the name of somebody and the province they were born in (and seriously, there's only 10), you can find what year they were born in by searching by name. All births, deaths, and name changes are published as part of the vital statistics act. You *can* have something like that be non-published (I did a name change a few years ago that was non-published), but there's a *very* strict set of criteria under which it's allowed, and it's done by special request only.

  16. Re:Private information? by Mashiki · · Score: 1

    Why would you include date of birth?

    DoB is included because in Canada, we use government photo ID as a requirement to be allowed to vote. Your ID has to match, and in turn your name, address and DoB have to match the register book. No matchy, no vote.

    --
    Om, nomnomnom...
  17. Yes, but you have to *pay* for those by oneiros27 · · Score: 1

    $128 in Maryland:

    http://www.elections.state.md.us/voter_registration/purchase_lists.html

    (and you can get 'em on CD, rather than printed out ... I seem to recall it being a spreadsheet when I saw one ... don't know if it was a flat file that someone had imported, or if they gave it to you in Excel)

    --
    Build it, and they will come^Hplain.
    1. Re:Yes, but you have to *pay* for those by Em+Adespoton · · Score: 2

      So, your issue is not that private or personal information was leaked, but that the Canadian government was not adequately reimbursed for the leaked data?

      I'm not really understanding your position on this matter. Are you for or against the release of this information?

      If you are for its availability, why do you feel that a fee associated with public information is appropriate?

      If you are opposed to the release of this information, why would you be amenable to its release simply because a fee was paid?

      I think he's meaning to point out that as you can purchase this information relatively cheaply, it doesn't really matter whether or not it was leaked.

      Of course, Canada still isn't the US, and the data was encrypted, so nobody likely got their hands on the sensitive data.

  18. Fuck it by SilverJets · · Score: 1

    I'm going to go out get a bunch of credit, rack it right up, and then claim my identity was stolen. The banks can go after Elections Ontario for the bill.

    1. Re:Fuck it by quacking+duck · · Score: 1

      And if they're successful, your tax dollars go to the bank.

      More importantly, MY tax dollars also go to the bank for your selfishness.

      I'll assume you were joking.

  19. "How an individual voted"??? by mark-t · · Score: 1

    Why would anyone be remotely concerned about this?

    *NOBODY* knows how a given individual voted in Canada, unless that individual tells somebody. They might be able to tell if or when you voted... and of course where you were at when you voted, but there is no possible way, short of doing something that *WILL* get you put under arrest (with a likely prison sentence), knowing how somebody else voted in any federal or provincial election is just not going to happen unless you can get them to tell you. And even then, the only way you could know for sure that they weren't telling the truth if they decided to lie about it is if they claimed to vote for somebody who received zero votes at the polling station where they voted (which in my experience working at those stations a few times isn't terribly likely, because even the weirdest ones on the ballots that you might think wouldn't get any votes always seem to get the odd person or persons voting for them at any given station).

    1. Re:"How an individual voted"??? by Pope · · Score: 2

      Really, it's like a lot of information that's technically "publicly" available, but scattered among multiple incomplete sources. This leak compiles a lot of that public info into one easy to digest package.

      It's like how a lot of property ownership information was "publicly" available, but required getting off your ass, going down to City Hall, and filing the proper information requests. Once it hits the 'net, the effort needed to access that information en masse drops drastically. Then you can do nefarious things with it.

      --
      It doesn't mean much now, it's built for the future.
    2. Re:"How an individual voted"??? by mark-t · · Score: 1

      I know.... I'm just surprised that anyone would have figured that how a person voted could have ever hoped to make it into that kind of list.

  20. Why the fsck ? by Hamsterdan · · Score: 1

    Why was that info on a USB stick (for one), and why wasn't that info protected?

    --
    I've got better things to do tonight than die.
  21. Re:No by Sir_Sri · · Score: 1

    The local reporting here said it was. I'm not sure who is wrong/lying.

  22. Re:No by Em+Adespoton · · Score: 1

    The data WAS encrypted, so your argument is useless. The poster just chose the wrong links, as the ones linked fail to mention that the data was encrypted.