D.C. Board of Elections: Hackers may have breached entire voter roll

D.C. Board of Elections: Hackers may have breached entire voter roll

October 23, 2023 at 04:35AM

The District of Columbia Board of Elections (DCBOE) announced that a web server operated by DataNet Systems, a hosting provider, was breached, potentially exposing the personal information of registered voters, including driver’s license numbers, birthdates, social security numbers, and contact information. The DCBOE is investigating the breach with the help of cybersecurity experts, the FBI, and the DHS. A threat actor known as RansomedVC claimed responsibility for the breach and is attempting to sell the stolen data on the dark web. However, the authenticity of these claims has not been independently confirmed.

Meeting Notes Summary:

During the meeting, it was discussed that the District of Columbia Board of Elections (DCBOE) experienced a breach of a web server operated by the DataNet Systems hosting provider. As a result, the personal information of all registered voters may have been accessed by a threat actor. The compromised voter roll includes personally identifiable information such as driver’s license numbers, dates of birth, partial social security numbers, phone numbers, and email addresses.

DCBOE learned about the potential breach and is working with Mandiant, a cybersecurity consulting firm, to determine if and when the voter records were accessed. The agency is also cooperating with the FBI and DHS to investigate the incident and identify the vulnerabilities that were exploited. No databases or servers belonging to DCBOE were directly compromised.

The threat actor, RansomedVC, claims to have stolen over 600,000 lines of voter data, including the personal information of Washington D.C. voters. They have made this information available for sale on the dark web. However, it is worth noting that the data was initially offered for sale by a different user named pwncoder on hacking forums. The posts related to this sale have since been deleted.

The authenticity of RansomedVC’s claim and the extent of the breach are still being investigated. Additionally, RansomedVC has also claimed to have hacked into Sony’s servers, but another threat actor named MajorNelson has challenged these claims.

The focus of the investigation is to assess the full extent of the breach, identify vulnerabilities, and implement measures to protect voter data and systems.

Full Article