Slashdot Mirror

← Back to Stories (view on slashdot.org)

154 Million Voter Records Exposed Due To Database Error (dailydot.com)

Posted by BeauHD on from the error-processing-command dept.

blottsie writes: Chris Vickery, a security researcher at MacKeeper, has uncovered a new voter database containing 154 million voter records, exposed as a result of a CouchDB installation error. The database includes names, addresses, Facebook profile URLs, gun ownership, and more. Who exposed the voter database? Vickery believes the suspect may be linked to L2, a company specializing in voter data utilization, after he noticed that the voter ID field was labeled "LALVOTERID." After calling the company, L2 said the database likely belongs to one of their clients, noting that there are very few clients big enough to have a national database like that. The database was secured within three hours of their phone call. L2's CEO Bruce Willsie said that the client told L2 that they were hacked and the firewall had been taken down. Their client is conducting their own research to figure out the extent of the incursion. The Daily Dot reports: "Why does this keep happening, and what is our government doing about it? No federal agency is enforcing data security in political organizations or non-profits, and so far, neither are state attorneys general."

4 of 95 comments (clear)

  1. Why does it keep happening? by hrieke · · Score: 4, Insightful

    My flippant answer:
    Cause companies refuse to pay market rate for those who actually know how to secure these things , & pay for the hardware and services.

    Honestly however, this is not a government issue, this is a private industry issue, and it's going to cost money.

    --
    III.IIVIVIXIIVIVIIIVVIIIIXVIIIXIIIIIIIIVIIIIVVIIIV IIVIIIIIIVIII...
    1. Re:Why does it keep happening? by plopez · · Score: 3, Insightful

      In software there are no consequences for idiocy. There are no laws governing the quality of software, e.g. requiring warranties or health and safety laws. In addition Software "Engineers" are not true engineers as there is no licensing procedure and unlike true engineers no liability for a poor design. So these so called Software "Engineers" can slap code together and get away with out getting sued. The same is true of Network "Engineers", Security "Engineers" etc.

      There is no such thing as "Software Engineering".

      --
      putting the 'B' in LGBTQ+
  2. Because "Oops" by penguinoid · · Score: 4, Insightful

    The reason it keeps happening is that when it happens, the CEO (who, incidentally, decided that security was an expense to be minimized) merely says "Oops, sorry." and then there are no consequences.

    --
    Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
    1. Re:Because "Oops" by plopez · · Score: 3, Insightful

      What needs to happen is that failure must be made expensive.

      --
      putting the 'B' in LGBTQ+