Personal information on every voter in Mexico was left sitting out in the open on an Amazon server until Friday, according to Scientific American. Information on 87 million voters — including their names, addresses, birthdates, and national identification numbers — is said to have been openly available to anyone who stumbled across this server. It's not clear how it got there or who may have accessed it, but it presents very obvious security concerns. According to Motherboard, the list was current as of February 2015.
The voter records were left totally unsecured
The leak was discovered by MacKeeper security researcher Chris Vickery, who also identified the leak of over 190 million US voters' data in December. Vickery reported the finding to officials in the US and Mexico. Mexico's National Electoral Institute confirmed the leak on Friday. It's now looking into who is at fault and notes to Scientific American that the records' publication represents a criminal offense. There's some speculation that it could have leaked through one of Mexico's nine political parties, which are each provided with a copy of voter information.
Though the data was on an Amazon server, it appears that the fault did not lie with Amazon itself. The issue was that the data was publicly available, with no password or other form of authentication required to view it, according to Vickery. Amazon also notes that, "While [Amazon Web Services] manages security of the cloud, security in the cloud is the responsibility of the customer."
Motherboard points out that this is not the first leak of Mexican voter information. The US government bought access to a leaked copy back in 2001. Then in 2013, a 2010 voter database leaked.