Just when I thought the days of misconfigured AWS S3 buckets were over, I discovered a massive set of US voter data online, apparently part of the cloud storage of Robocent, a Virginia Beach-based political autodial firm.

What's more disturbing is that the company’s self-titled bucket has been indexed by GrayhatWarfare, a searchable database where a current list of 48,623 open S3 buckets can be found.

Robocent's cloud storage, with 2594 listed files, was available to anybody on the internet searching for the ‘voters’ keyword, long before I spotted it. The repository contained both audio files with pre-recorded political messages for robocall dials (*.mp3, *.wav) and voter data (*.csv, *.xls files), including the following information:

Full Name, suffix, prefix

Phone numbers (cell and landlines)

Address with house, street, city, state, zip, precinct

Political affiliation provided by state, or inferred based on voting trends/history

Age and birth year

Gender

Jurisdiction breakdown based on district, zip code, precinct, county, state

Demographics based on ethnicity, language, education

Many of the files did not originate at Robocent, but are instead the aggregate of outside data firms such as NationBuilder.

Robocent offers voter data for just 3¢/record. According to their site, “we provide voter files for every need, whether it be for a new robocall or simply to update records for door knocking. Our simple request process allows users to choose exactly who to target with no minimum order.”

Screenshot from GrayhatWarfare site with Robocent files listed

As soon as I identified the potential owner of the repository, I sent a responsible disclosure. Access to the bucket and files was quickly secured by a developer, who got in touch via e-mail with the following explanation of the exposure:

"We're a small shop (I'm the only developer) so keeping track of everything can be tough"

Read more on this in Zack's take at ZDnet.

Unfortunately, voter database breaches have become common in the age of digital records. Earlier this year I reported a California voter database leak, and numerous other examples are always in the headlines.

Admins can do many things to make storage repositories such as AWS S3 more secure. One option is the free, open-source tool that Kromtech Security Center released to scan Amazon S3 buckets for public accessibility within your network. The tool gives users a report that they can then use to shut down any unwanted public access to the S3 buckets and the valuable data they contain. The Kromtech S3 Inspector tool provides an extra layer of security that administrators can use to identify unwanted access by unauthorized users.

**********************************************************************

P.S.: In the near future I am leaving Kromtech to explore new opportunities with my cyber security, analytics and PR/communications expertise.

Having said that, I have many ideas and a strong portfolio on how I can be helpful for your organization to become an industry leader and reputable player in a security/privacy niche. Let's get in touch to learn more and make the cyber world safer together!

Contact me: volodymyr.dyachenko[at]gmail.com