WASHINGTON (1/15/15)--An improperly configured database exposing the information of 191 million registered U.S. voters was discovered on Dec. 20. The database was taken offline Dec. 28, presumably to be patched (Fortune Jan. 4).
Austin-based researcher Chris Vickery, who discovered the breach, said the database contains voter information from all 50 states.
Nobody will admit to owning the database. SecurityWeek reported that Vickery has been assisted by fellow researchers at DataBreaches.net as well as Steve Ragan of CSO Online in trying to identify the owner responsible for the database.
SecurityWeek reported that NationBuilder, a tool often used for political campaigns, is currently the main suspect.
“While the database is not ours, it is possible that some of the information it contains may have come from data we make available for free to campaigns,” NationBuilder founder and CEO Jim Gilliam said in a statement. “From what we’ve seen, the voter information included is already publicly available from each state government, so no new or private information was released in this database.”
Although voter registration information is generally publicly available, roughly half of U.S. states limit use of it in some way, such as prohibiting commercial use.