Data from 7.6 million US voters for sale on Russian hacking forums

Information security risks can transcend borders. An unidentified user has posted on a Russian hacking forum a database with records of at least 7.5 registered voters from Michigan, USA.

The worst part is that some threat actors have found a way to profit from leaked information, thanks to an economic stimulus program that allows citizens to make some money by reporting any potential interference in the country’s elections.

La imagen tiene un atributo ALT vacío; su nombre de archivo es usvoter.jpg

Kommersant researchers detected this information in a hacking forum on dark web. The database, published by a user identified as “Gorka9”, contains multiple details of Michigan merchants, including data such as:

  • Full names
  • Dates of birth
  • Gender
  • Registration date
  • Email address
  • Voter ID number

The individual who published the information claims that the database was updated in March 2020, which has already been verified by cybersecurity specialists.

The database not only contained data from Michigan residents, but also stored voter records from states such as Connecticut, Arkansas, Florida and North Carolina. The hacker also published information on some patients at the New York-based Brooklyn Center for Surgery.

As mentioned at the beginning of the note, some individuals have found a method to easily defraud the U.S. government through the State Department‘s “Rewards for Aid to Justice” program.

In early August, a cybersecurity firm reported that some Russian users began receiving SMS messages from the State Department offering rewards of up to $10 million USD for providing information on any attempted foreign interference in U.S. elections.

In addition to this fraud, experts mention that leaks can be used for political purposes, such as redirecting the voting intention of one candidate to another or even to discourage citizen participation in democratic processes: “These databases contain a lot of valuable information, allowing the deployment of all kinds of malicious activities,” says Andrey Arseevnti, director of a Russian-based security firm.