UpGuard reports second major security breach

UpGuard reports second major security breach | Insurance Business

UpGuard reports second major security breach
Only three weeks after it uncovered a major security breach involving Booz Hamilton, an IAG-backed cybersecurity firm has exposed another breach – this time involving sensitive voter data in the USA.

A cyber risk analyst at UpGuard uncovered more than a terabyte of voter information, including home addresses, birthdates, and opinions of political issues, on a publicly accessible server held by marketing firm Deep Root Analytics which works for the Republican National Committee.

A routine scan of the internet last week led Chris Vickery to find what UpGuard claimed was “perhaps the largest known exposure of voter history” and which involved the unprotected files of 198 million voters, The Australian reported.

Search and compare product listings for Cyber Insurance from specialty market providers here

He reported the discovery to US law enforcement officials.

The information, that added to “billions of data points,” was publicly accessible from June 01 to July 12 without even a need for a password, Vickery told The Washington Post.

“With this data you can target neighbourhoods, individuals, people of all sorts of persuasions,’’ he said. “I could give you the home address of every person the RNC believes voted for Trump.”

In a statement, Deep Root blamed a settings change for the lapse in security, and said it had had engaged the services of an outside firm for an independent investigation.

“We accept full responsibility, will continue with our investigation, and based on the information we have gathered thus far, we do not believe that our systems have been hacked,” the company said.

Deep Root co-founder Alex Lundry said the data had been secure since new protocols were put in place on June 14, the report said.

Related stories:
IAG-backed UpGuard alerts of major US security breach