23 June 2016

In December 2015 we have received reports on exposure of 191 million records of US citizens. The so-called Voters database contained names, addresses, dates of birth, etc. of adult voters.

The same researcher Chris Vickery from MacKeeper reported another leak. This time information of 154 million US citizens was publicly open due to faulty configuration of CouchDB.

The new database belongs most likely to some political party due to information, contained in it. The database was hosted on Google and contained full address, name, age, estimate income, ethnicity, gender, supported political party, phone number, email, marital status, information about gun possession, number of times the person has voted before, addresses of Facebook profiles.

Researchers suspected that the data was leaked by L2, they contacted the organization and the database was put offline.

Below is a screenshot of database record posted by Daily Dot:

This is not the first issue related to incorrect database security configuration. The database vendors should do something about it, and very soon. Otherwise we will see more of such leaks and this could end badly.

We at Cybersecurity Help encourage our readers not to trust too much into your firewall and do implement an additional level of protection (at least logins and passwords) when accessing your databases.