Deep Root Analytics, an analytics firm, hired by the Republican National Committee exposed information on nearly 200 million voters by storing their information on an open Amazon S3 storage server. The records included information about a voter's name, date of birth, home address, phone number, party affiliation, and more that can be leveraged to perform identity theft, scams, and other hacks. It is believed that no other outsiders except for the security researcher who discovered the open server has accessed this data but that assessment is still in progress. Deep Root Analytics has updated the access settings on Amazon's server and is working with forensic investigators to conduct a thorough investigation.
For more information, see: http://www.csoonline.com/article/3201201/security/rnc-data-analytics-firm-exposes-voting-records-on-198-million-americans.html
ACA Aponix Guidance
ACA Aponix recommends taking the following precautionary measures:
- Be wary of identify theft, scams, and inbound phone calls that reference any of this data.
- Place a security freeze with credit bureaus.
- Avoid using the exposed information as part of security validation questions.
If you have any questions, please contact your ACA Aponix consultant or email us at firstname.lastname@example.org.