A database on a third party computer server comprised of over 19.5 million Californians voter records was exposed to the public internet before being held for ransom by hackers.

The information, which was obtained from the state for reporting purposes by Newspaper organization, the Sacramento Bee, exposed includes voter’s names, addresses, birth dates, and political affiliation. While this does not constitute as PII by the state, this information is more than enough to aid cybercriminals in convincing phishing campaigns.

The Bee was storing the data in a MongoDB database that was left crucially exposed for a fortnight after a vendor performed routine maintenance and the firewall did not come back online. Simple as that. Hackers spotted the error, encrypted the data, and demanded a Bitcoin payment to unlock it.

The Bee ended up deleting the encrypted data instead of paying the ransom demand.

Even worse, a different database containing names, home addresses, email addresses, and phone numbers of 52,873 Sacramento Bee subscribers was compromised exactly the same way.

The Bee learned of the incident on January 29 when a developer noticed that a database wouldn’t upload properly to a server maintained by a third party hosting service. The developer then found a note from a hacker demanding a Bitcoin ransom payment in exchange for the data.

Unfortunately, this isn’t the first time California voters have had their vote details held for ransom. Security firm Kromtech reported a similar incident back in December 2017, but hackers in that scenario stole the database and left a ransom note in its place.

Ransomware attacks will continue to escalate if organizations disregard basic security rules and operate with misconfigured Mongo DBs and AWS S3 buckets.

 

Request The FREE NNT Ransomware Mitigation Kit

 

 

Read this article on InfoSecurity Magazine

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.
Portland
4145 SW Watson, Suite 350
Beaverton, Oregon, 97005.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified
Copyright 2018, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.