CA Voter Records Breached; Hackers Want Ransom

CALIFORNIA -- A security expert with Kromtech said recently that cyber criminals have stolen the information of more than 19 million California voters. Bob Diachenko, COO of the German-based software and customer support company Kromtech Alliance, wrote in a blog post that security researchers have found an unprotected database that contains the information of 19.2 million voters in California.

The blog post, published on MacKeeperSecurity.com, said researchers discovered the crime in early December but were unable to identify the criminals, who demanded a ransom of "0.2 bitcoin ($2,325.01 at the time of discovery)."

In a statement to the media, the office of California's Secretary of State said they are "looking into unconfirmed reports that a third party may have uploaded some California voter information in an unsecure location online."

"We take any allegation of improper use of voter data very seriously, and have enlisted the support of law enforcement," the statement read. "There is no evidence that any of the Secretary of State’s systems have been hacked or breached or that any confidential information such as social security numbers, driver’s license numbers, state ID numbers, or voter signatures were disclosed. Under state law, limited voter data is made available for restricted use by campaigns, journalists, and academic researchers. It is illegal under state law to share or obtain this data without authorization."

But, Kromtech, which is widely cited by officials, said the "criminals used ransomware to wipe out the voter data and likely backed it up on a server making it even more risky."

The worst case scenario of the reported hack? That it could "affect someone’s voting process," the blog post read.

"This is a massive amount of data and a wake up call for millions citizens of California who have done nothing more than fulfill the civic duty to vote," Diachenko said. "This discovery highlights how a simple human error of failing to enact the basic security measures can result in a serious risk to stored data."

--Photo via Shutterstock