Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Midterms 2018: Millions of voting records for sale on dark web ahead of US elections

35 million records from 19 states appear on popular hacking forum, raising fears of mass electoral disruption

Anthony Cuthbertson
Friday 19 October 2018 13:01 BST
Comments
Dark web researchers say the data could be used to carry out voter identity fraud and voter suppression
Dark web researchers say the data could be used to carry out voter identity fraud and voter suppression

A massive database containing the voting records of around 35 million US citizens has been discovered on the dark web, just weeks ahead of the 2018 midterm elections.

Researchers from US-based cyber security firms Anomali Labs and Intel 471 discovered the huge cache on the dark web – a hidden section of the internet used by cyber criminals.

The records, posted to a popular hacking forum, included personally identifiable information such as the voters' full names, phone numbers, physical addresses and voting history.

The researchers noted that the records did not necessarily originate from a hack, but rather could have been obtained by someone who has legitimate access to the databases, such as a government official.

"To our knowledge, this represented the first reference on the criminal underground of actors selling or distributing lists of 2018 voter registration data, including US voters' personally identifiable information and voting history," they stated in a report.

"With the November 2018 midterm elections only four weeks away, the availability and currency of the voter records, if combined with other breached data, could be used by malicious actors to disrupt the electoral process of pursue large-scale identity theft."

Ways in which the data could be used to disrupt the elections include deleting voting registrations, changing voters' addresses, or requesting absentee ballots on behalf of the legitimate voter.

The voting records come from at least 19 US states, including: Georgia, Idaho, Iowa, Kansas, Kentucky, Louisiana, Minnesota, Mississippi, Montana, New Mexico, Oregon, South Carolina, South Dakota, Tennessee, Texas, Utah, West Virginia, Wisconsin and Wyoming.

The price for the data of each voter list varies from $150 to $12,500 depending on the state, the researchers said.

"This pricing model could be related to the number of voter records per database listing and/ or, to a lesser degree of confidence, to offset the original cost to the illicit vendor," the report states. "Once purchased, the vendor claims to provide customers with regular updates at the start of each week."

The voter record listing claims to contain the details of 23 million voters in Louisiana, Wisconsin and Texas

One of the voter record lists has already been made publicly available through the hacking forum, after a crowdfunding campaign was set up to purchase the entire database of Kansas.

A separate report published by dark web intelligence company Terbium Labs this week detailed how increased profits for cyber criminals has accelerated the "professionalisation" of fraud.

The report explained how leaked and stolen personal data can pass through a highly-sophisticated supply chain to carry out a variety of crimes.

Support free-thinking journalism and attend Independent events

"Fraud is a multi-step process, and the dark web has accelerated the professionalisation of fraud to make these tools popular, affordable, and accessible," said Munish Walther-Puri, chief research officer at Terbium Labs.

“There continues to be an increase in the variety and volume of goods and services offered in this underground economy... The fraud community is built on the trade of ill-begotten sensitive data and is highly developed, with infrastructure, operations, business models, and profit margins."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in