Weeks before the November midterm elections, roughly 35 million U.S. voter registration records from 19 states have appeared for sale on the dark web. 

Researchers from Anomali Labs and Intel 471 discovered the data for sale, which reportedly includes voters’ “full name, phone numbers, physical addresses, voting history, and other unspecified voting data.”

Just three of the 19 states consisted of 23 million voter records.

Although record counts for the remaining 16 states were not listed, the advertisement includes prices for each voter list. Prices range from $150 to $12,500 – depending on the state.

Affected states include: Georgia, Idaho, Iowa, Kansas, Kentucky, Louisiana, Minnesota, Mississippi, Montana, New Mexico, Oregon, South Carolina, South Dakota, Tennessee, Texas, Utah, West Virginia, Wisconsin, and Wyoming.

“To our knowledge, this represents the first reference on the criminal underground of actors selling or distributing lists of 2018 voter registration data, including US voters’ personally identifiable information and voting history,” said Anomali Labs in a blog post detailing the findings.

Shortly after the advertisement was published on Oct. 5, 2018, Anomali Labs noted that another high-profile actor organized a crowdfunding campaign to purchase the voter records.

According to the actor, the purchased databases would be made available free of charge to all registered members of the hacker forum – with early access given to donors of the project.

As of this writing, the Kansas voter database has been acquired and published. Meanwhile, a second crowdfunding project took a vote to acquire Oregon next.

Furthermore, the seller claimed to update the voter registration data every week as he or she received “information via contacts within the state governments.”

If combined with other breached data, Anomali Labs warns the voter records could be misused by malicious actors to disrupt the electoral (Read more...)