On October 6, DataBreaches reported a breach allegedly containing more than 600,000 lines of data on registered voters in D.C., where, according to the threat actors who listed it, each line represented one voter’s records.
Although there may have been 600k lines of data as previously reported, the D.C. Board of Elections released a statement on October 16 stating that so far, their preliminary forensic investigation in conjunction with the Multi-State Information Sharing and Analysis Center (MS-ISAC) indicates that there were fewer than 4,000 registered voters from D.C.. The data records are from August 9, 2019 to January 25, 2022 and contain information from voters who participated in DCBOE’s canvass process, which is conducted every oddnumbered year to ensure the voter roll is up-to-date.
DCBOE also confirmed that some DC voter information was accessed through a breach of DataNet Systems’ web server. No internal DCBOE databases or servers were directly compromised.
It’s not yet clear what other data was in the 600k-line data set and whether that data was publicly and freely available or whether any of it was voter data that was supposed to be kept confidential.
New UPDATE DCBOE Voter Data Breach 101623_FINAL