An online database of voter profiles about 154 million Americans suffered a data breach. A security researcher discovered the unprotected online database. HelpNetSecurity reported:
"It was a CouchDB database that required no authentication to be accessed, hosted on Google’s Cloud services. Luckily, an ID associated with each record pointed [the security researcher] in the right direction regarding the owner of the data... the data was originally collected by a data brokerage company named L2... The client told us that they were hacked, the firewall was taken down and then the probing began..."
The voter profiles include full names, addresses, phone numbers, age, gender, marital status, estimated income, political party, congressional district affiliation, state senate district affiliation, and more:
"Some of the records also contained information about the voters’ marital status, whether they had children or owned a gun, their stance on gay marriage, the language(s) they speak, and their email address."
This is the type of information a political party would collect. The report did not state which political organization. The security researcher also discovered that the unprotected online database was accessed by others, including a user in Europe. The database is no longer online.
The report did not state who would notify affected persons, or when this might happen.