Security experts report that a collection of data on nearly the entire US voting community has been spread on hacker forums, opening up the opportunity for deception and scams that could influence the November 3 election.
A study published Wednesday by the security company Trustwave said that its analysts’ found vast databases on many hacker sites with extensive details on US voters and customers offered for sale.
In a blog post, security researchers said that the databases “have a startling amount of information about people, including their political affiliation,” and the vendors appear to have 186 million documents, which would mean almost all US voters.
According to the post by Trustwave analysts Ziv Mador and Nikita Kazymirskyi, “The details contained in the voter database can be used to execute successful social engineering scams and spread misinformation to potentially affect the elections, especially in swing states.”
At least some of the information came from public documents, the researchers said, but the other evidence seems to have come from data leaks or breaches. Other datasets on the entire US user community and on citizens of Britain, Canada, Ireland, and South Africa were also discovered, the researchers said.
In the United States, the researchers said, cybercriminals seem to be trying “to monetize the upcoming polls” by selling databases that contain, in some cases, names, age, gender and political affiliation of American voters, and phone numbers.
The news comes a day after US officials said that Russian and Iran had accessed polling records and taken measures to manipulate public opinion, including “spoofed” emails aimed at threatening voters and causing unrest.