The District of Columbia Board of Elections (DCBOE) on Friday introduced that its full voter roll might need been accessed in a latest data breach at a third-party providers supplier.
The incident was initially disclosed on October 6, when the company stated {that a} menace actor accessed 600,000 traces of US voter information after breaching DataNet, which offers web site internet hosting providers to DCBOE.
On October 20, in an replace to its preliminary notification, DCBOE revealed that the attackers might need accessed the knowledge of all registered voters.
“DataNet Techniques’ breached database server did include a duplicate of the DCBOE’s voter roll,” the company stated.
“DataNet Techniques confirmed that unhealthy actors might have had entry to the complete voter roll which incorporates private identifiable info (PII) together with partial social security numbers, driver’s license numbers, dates of delivery, and phone info corresponding to telephone numbers and electronic mail addresses,” DCBOE added.
In keeping with the company, DataNet has but to find out if the complete voter roll was certainly accessed, when that may have occurred, and what number of people might need been impacted.
DCBOE says that it’ll contact all registered voters to tell them of the incident and that it is going to be working with Google’s cybersecurity arm Mandiant to analyze the data breach.
The company’s database and servers weren’t straight compromised, however DCBOE scanned its techniques for vulnerabilities following the assault, and took down its web site, changing it with a upkeep web page.
In its preliminary notification, DCBOE additionally identified that a lot of the voter information is publicly accessible or could be obtained from the company upon request.
In early October, ransomware group RansomedVC claimed accountability for the incident, saying that it was planning to promote the information to a single purchaser.
