A database containing several million American voters’ personal information has appeared on the Russian dark web, Russia’s Kommersant business newspaper reported this week.
The news is worrisome due to the upcoming presidential elections in the US and the fear of foreign interference.
According to the Russian newspaper, a user that goes online with the moniker “Gorka9” advertised free access to the personal information of 7.6 million voters in Michigan in an unnamed discussion forum. Kommersant has also found databases containing details of between 2 million and 6 million voters in Connecticut, Arkansas, Florida and North Carolina.
Leaked records include names, dates of birth, gender, dates of voter registration, addresses, zip codes, e-mails, voter registration numbers and polling station numbers.
The authenticity of the data was confirmed by the software firm Infowatch, which speculate the data was leaked online in late 2019, while Gorka9 claims data was valid as of March 2020.
According to the Russian newspaper, some users of the dark web forum are attempting to monetize the leaked data reporting them to the U.S. State Department. The US State Department recently launched a $10 million reward program aimed at preventing foreign interference in the upcoming election, for this reason, it is willing to pay any report of potentially harmful discovery.
“Forum users have found a way to make money on them, using the State Department’s program “Rewards for Aid to Justice”, which allows them to receive money for reporting the facts of interference in elections in the country.” reported the Kommersant. “The Rewards for Justice program became widely known in the summer; in early August, Znak.com reported that Russians began to receive SMS messages from the State Department with an offer for a reward of up to $ 10 million to detail the facts of foreign interference in the American elections.”
Kommersant reported the case of one user that claimed to have been paid $4,000 for having reported his findings of a leaked Connecticut voter database to the State Department.
Experts quoted by Kommersant speculated that the hackers had already obtained commercial benefits from the leaked data before publishing it online.
Who is behind this leak?
It is impossible to say and the Russian newspaper provided several possible explaination, including the fact that the leak could be the result of a deliberate provocation.
“Anastasia Fedorova, leading analyst in the Information Security department of the IT company CROC, points out that the post about the leak appeared shortly before the US presidential elections scheduled for November 3.” concludes the newspaper. “In her opinion, judging by the completeness of the information, the state system became its source. Another source of Kommersant believes that according to the nickname of the user who published the database, one can assume that this is “the first stage of preparation for accusing Russian hackers of interfering in the US presidential elections.”
(SecurityAffairs – hacking, US voters)