STREAMING NOW: Watch Now

Cybersecurity Firm Finds Hacker Selling Info on 186 Million U.S. Voters

Courtesy of Colin / Wikimedia Commons / CC BY-SA 4.0

A cybersecurity firm says it has found a hacker selling personally identifying information from more than 200 million Americans, including the voter registration data of 186 million.

Posted: Oct 21, 2020 9:09 PM
Updated: Oct 21, 2020 9:20 PM

NBC News (WASHINGTON) — A cybersecurity firm says it has found a hacker selling personally identifying information from more than 200 million Americans, including the voter registration data of 186 million.

The revelation underscored how vulnerable Americans are to email targeting by criminals and foreign adversaries, even as American officials announced that Iran and Russia had obtained voter registration data and email addresses with an eye toward interfering in the 2020 election.

Much of the data identified by Trustwave, a global cybersecurity firm, is publicly available, and almost all of it is the kind that is regularly bought and sold by legitimate businesses. But the fact that so many names, email addresses, phone numbers and voter registrations were found for sale in bulk on the dark web underscores how easily criminals and foreign adversaries can deploy it as the FBI said Iran has done recently, sending emails designed to intimidate voters.

“An enormous amount of data about U.S. citizens is available to cyber criminals" and foreign adversaries, said Ziv Mador, vice president of Security Research at Trustwave, which found the material.

“In the wrong hands, this voter and consumer data can easily be used for geo-targeted disinformation campaigns over social media, email phishing, and text and phone scams," he added, "before, during and after the election, especially if results are contested.”

The data is a mix of material stolen in various hacks of companies in recent years, and publicly available data retrieved from government web sites, he said. In most states, voter registration information is publicly available, for example.

Trustwave monitors dark web forums for threat information, and came across a hacker calling himself Greenmoon2019 offering the data for sale. Trustwave used fictitious identities to induce the hacker to provide more information, including a Bitcoin wallet that Greenmoon2019 used to collect payment.

Bitcoin wallets — virtual storage facilities for the most commonly used cryptocurrency — publicly display transactions, though not the identities of those making them. Trustwave was able to trace payments to a larger wallet, created in May, that has taken in $100 million in what the firm believes is illicit proceeds, Mador said. Not all of that was from data sales, he added.

The wide availability of personal information is not new, but the idea that such a huge cache is for sale as the election approaches underscores how easy it would be for malicious actors to cause trouble. Trustwave said the hacker was offering 186 million voter records and 245 million records of other personal data.

Director of National Intelligence John Ratcliffe said Wednesday night that Iran had obtained voter registration information and used it to send threatening emails to Democrats while posing as the Proud Boys, a white supremacist group. Ratcliffe said the Russian government had also obtained voter registration information.

Voter registration data is public in many states, but email addresses are not often part of the public data. The hacker identified by Trustwave used other stolen data to pair email addresses with voter rolls and offer it for sale as a package, Mador said.

The databases on sale by Greenmoon2019 would allow malicious actors to target the email addresses of only registered Democrats, for example, or only registered Republicans.

Trustwave said it turned over what it had gathered to the FBI, which told NBC News in a statement:

“We are committed to finding and investigating fraud during this election. While we cannot comment on information we may or may not have received from the public, we want to assure the American people the FBI is closely coordinated with our federal, state, and local partners to safeguard our voting processes.”

Lafayette
Clear
52° wxIcon
Hi: 77° Lo: 68°
Feels Like: 52°
New Iberia
Clear
50° wxIcon
Hi: 78° Lo: 69°
Feels Like: 50°
Ville Platte
Scattered Clouds
47° wxIcon
Hi: 76° Lo: 65°
Feels Like: 47°
Abbeville
Scattered Clouds
54° wxIcon
Hi: 76° Lo: 67°
Feels Like: 54°
Crowley
Overcast
55° wxIcon
Hi: 76° Lo: 67°
Feels Like: 55°
Saint Martinville
Clear
50° wxIcon
Hi: 78° Lo: 69°
Feels Like: 50°
Opelousas
Scattered Clouds
47° wxIcon
Hi: 77° Lo: 66°
Feels Like: 47°
Rain chances stick around through the weekend

Latest Video

Image

Rain Chances on the Rise

Image

Cajuns Prepare for ULM

Image

Tracking a stormy holiday weekend

Image

Waitr and Local Restaurants Launch Holiday Food Drive in Lafayette

Image

Al Berard Memorial Fund Kicks Off Annual Fundraising Campaign

Image

Spaynation: Cute Kitten Up for Adoption

Image

What to Expect for Thanksgiving Traffic

Image

Cool Today, Warmer Week Ahead

Image

Protest for Quawan Charles

Image

Weather 11-22-2020

Community Events