2018 Voter Records from 19 States for Sale on Hacking Forum

An estimated 35 million voters information from 19 states went up for sale on a dark web hacking forum. This was uncovered last Monday, October 15, by researchers from Anomali Labs and leading cybercrime intelligence provider, Intel 471. The discovery came just four weeks before the scheduled November 2018 US midterm elections. The data being sold contain full names, physical addresses, phone numbers, and voting history.

 

The hacked voter records came from the following states:

  • Georgia
  • Idaho
  • Iowa
  • Kansas
  • Kentucky
  • Louisiana
  • Minnesota
  • Mississippi
  • Montana
  • New Mexico
  • Oregon
  • South Carolina
  • South Dakota
  • Tennessee
  • Texas
  • Utah
  • West Virginia
  • Wisconsin
  • Wyoming

 

Out of the mentioned 19 states, 3 states alone comprise 23 million records – Texas (14 million), Wisconsin (6 million), and Louisiana (3 million). They were offered for prices between $1,300 and $12,500. For the remaining 16 states, no record counts were provided but their price ranges from $150 to as high as $4,000.

 

From Anomali Labs:

“Of note, the seller indicates they receive weekly updates of voter registration data across the states and that they receive information via contacts within the state governments. Certain states require the seller to personally travel to locations in-state to receive the updated voter information. This suggests the information disclosure is not necessarily a technical compromise but rather a likely targeted campaign by a threat actor redistributing possibly legitimately obtained voter data for malicious purposes on a cybercrime forum.

To our knowledge, this represents the first reference on the criminal underground of actors selling or distributing lists of 2018 voter registration data, including US voters’ personally identifiable information and voting history. With the November 2018 midterm elections only four weeks away, the availability and currency of the voter records, if combined with other breached data, could be used by malicious actors to disrupt the electoral process or pursue large-scale identity theft.”