The District of Columbia Board of Elections (DCBOE) says {that a} risk actor who breached an online server operated by the DataNet Methods internet hosting supplier in early October might have obtained entry to the non-public info of all registered voters.
The whole voter roll that will have been uncovered comprises a variety of personally identifiable info (PII), together with driver’s license numbers, dates of start, partial social safety numbers, and make contact with info reminiscent of cellphone numbers and electronic mail addresses.
“Immediately, DCBOE realized the complete voter roll MAY have been accessed within the breach of DataNet Methods’ database server,” the company tweeted.
“DataNet Methods couldn’t pinpoint if or when this file might have been accessed or what number of, if any, voter data have been accessed,” DCBOE stated in a Friday replace.
“Out of an abundance of warning, DCBOE will attain out to all registered voters. As well as, DCBOE will likely be participating with Mandiant, a cybersecurity consulting agency, to help with subsequent steps.”
Web site breach results in voter information leak
On October 5, 2023, the DCBOE grew to become conscious of a breach involving a risk actor generally known as RansomVC, which claimed to have stolen 600,000 traces of U.S. voter information, together with D.C. voter data.
In collaboration with MS-ISAC’s Laptop Incident Response Crew (CIRT), the company took down its web site upon discovering the assault. They changed it with a upkeep web page to include the state of affairs after figuring out the web site because the supply of the breach.
Additional investigations revealed the attackers gained entry to the data by the net server of DataNet, the internet hosting supplier for Washington D.C.’s election authority. No DCBOE databases or servers have been straight compromised within the incident.
The DCBOE is investigating the breach with the help of exterior safety consultants, the Federal Bureau of Investigation (FBI), and the Division of Homeland Safety (DHS).
The efforts are centered on assessing the complete extent of the breach, figuring out the vulnerabilities exploited in the course of the assault, and implementing measures to safeguard voter information and methods.
Stolen information up on the market
On their darkish net web site, RansomedVC claims the latest safety breach led to the theft of greater than 600,000 traces of voter information from the USA.
“We now have efficiently penetrated the District of Columbia Board Of Elections and have acquired over 600k traces of USA Voters,” says the risk actor.
RansomedVC says the stolen information comprises Washington D.C. voters’ private info, together with names, registration IDs, voter IDs, partial Social Safety numbers, driver’s license numbers, dates of start, cellphone numbers, emails, and extra.
The knowledge continues to be accessible on the market on the risk actor’s darkish net leak website, though the value stays undisclosed.
Regardless of RansomedVC’s declare of the breach and their present try to promote the info on their leak website, an nameless supply instructed BleepingComputer was instructed on October 3 that the stolen DCBOE database was first provided on the market on the BreachForums and Sinister.ly hacking boards by a consumer named pwncoder.
It’s price noting that each these posts have since been eliminated, and RansomedVC is the one risk actor nonetheless promoting the info.
BleepingComputer was additionally instructed that the info was extracted from a stolen MSSQL database containing the small print of greater than 600,000 voters from the District of Columbia.
Current claims made by RansomedVC to have hacked into Sony’s servers and stolen over 260GB of recordsdata (with a 2MB leaked archive shared as proof) have been additionally challenged by one other risk actor generally known as MajorNelson, who launched a 2.4 GB archive of recordsdata on BreachForums, additionally allegedly taken from Sony’s methods.
Though the info they shared seems to be related to Sony, BleepingComputer couldn’t independently affirm the authenticity of the claims made by both celebration.
