clock menu more-arrow no yes

Filed under:

The Iowa Republican Party website just leaked 2 million voter records

New, 6 comments

An improperly maintained database on the website of the Iowa Republican party appears to have leaked voting records for two million Iowans, as reported by The Wall Street Journal. The database was part of a feature on the site that allowed Iowa voters to check their registration and closest caucus site. Unfortunately, poor security practice made the database accessible through a basic scan of the website's source code. The website fixed the issue after being notified by the Journal and it's unclear whether anyone accessed or downloaded the database. Still, leaving it available represents a significant security breach for the site.

Voter records aren't as sensitive as most breached information, giving only a person's name, contact information and past elections in which they've been counted at polls. (Party registrations are included, but individual votes remain private.) The data is also openly available for purchase from state agencies, although there are significant restrictions on its use. The open proliferation of that data has lead to a number of breaches, including an earlier breach in Georgia and a dark web database that appeared to contain data for 190 million Americans.