D.C. Board of Elections: Hackers may have breached entire voter roll


The District of Columbia Board of Elections (DCBOE) says that a threat actor who breached a web server operated by the DataNet Systems hosting provider in early October may have obtained access to the personal information of all registered voters.

The full voter roll that may have been exposed contains a wide range of personally identifiable information (PII), including driver's license numbers, dates of birth, partial social security numbers, and contact information such as phone numbers and email addresses.

"Today, DCBOE learned the full voter roll MAY have been accessed in the breach of DataNet Systems' database server," the agency tweeted.

"DataNet Systems could not pinpoint if or when this file may have been accessed or how many, if any, voter records were accessed," DCBOE said in a Friday update.

"Out of an abundance of caution, DCBOE will reach out to all registered voters. In addition, DCBOE will be engaging with Mandiant, a cybersecurity consulting firm, to assist with next steps."

Website breach leads to voter data leak

On October 5, 2023, the DCBOE became aware of a breach involving a threat actor known as RansomedVC, which claimed to have stolen 600,000 lines of U.S. voter data, including D.C. voter records.

In collaboration with MS-ISAC's Computer Incident Response Team (CIRT), the agency took down its website upon discovering the attack. They replaced it with a maintenance page to contain the situation after identifying the website as the source of the breach.

Further investigations revealed the attackers gained access to the information through the web server of DataNet, the hosting provider for Washington D.C.'s election authority. No DCBOE databases or servers were directly compromised in the incident.

The DCBOE is investigating the breach with the assistance of external security experts, the Federal Bureau of Investigation (FBI), and the Department of Homeland Security (DHS).

The efforts are focused on assessing the full extent of the breach, identifying the vulnerabilities exploited during the attack, and implementing measures to safeguard voter data and systems.

Stolen data up for sale

On their dark web site, RansomedVC claims the new data breach led to the theft of more than 600,000 lines of voter information from the United States.

"We have successfully penetrated the District of Columbia Board Of Elections and have acquired over 600k lines of USA Voters," says the threat actor.

RansomedVC says the stolen data contains Washington D.C. voters' personal information, including names, registration IDs, voter IDs, partial Social Security numbers, driver's license numbers, dates of birth, phone numbers, emails, and more.

The information is still available for sale on the threat actor's dark web leak site, though the price remains undisclosed.

RansomedVC DCBOE data leak (BleepingComputer)

Despite RansomedVC's claim of the breach and their current attempt to sell the data on their leak site, an anonymous source told BleepingComputer on October 3 that the stolen DCBOE database was first offered for sale on the BreachForums and Sinister.ly hacking forums by a user named pwncoder.

It is worth noting that both those posts have since been removed, and RansomedVC is the only threat actor still selling the data.

BleepingComputer was also told that the data was extracted from a stolen MSSQL database containing the details of more than 600,000 voters from the District of Columbia.

pwncoder DCBOE leak (BleepingComputer)

Recent claims made by RansomedVC to have hacked into Sony's servers and stolen over 260GB of files (with a 2MB leaked archive shared as proof) were also challenged by another threat actor known as MajorNelson, who released a 2.4 GB archive of files on BreachForums, also allegedly taken from Sony's systems.

Although the data they shared appears to be associated with Sony, BleepingComputer could not independently confirm the authenticity of the claims made by either party.