DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

D.C. Board of Elections voter registration data up for sale on dark web (1)

Posted on October 6, 2023October 12, 2024 by Dissent

A new listing on ransomedvc claims, “We have successfully breached the District of Columbia Board Of Elections and have gotten more than 600k lines of USA Voters.”

The listing links to a sample consisting of one registered voter’s data. That listing included a number of fields with, but not limited to, VoterID, registration date, voter’s last name, middle name, and first name, partial SSN,  driver’s license number, telephone number, date of birth, postal address, political party affiliation, email address, and polling place. DataBreaches was able to confirm that it accurately matched the DCBOE’s database for that voter by using the board of election’s verification process.

That voter registered in 2022. DataBreaches requested a sample from any voter who registered recently, but was not provided one by press time.

Like many other boards of election, D.C. voter registration lists are publicly available. Anyone can acquire a copy of the D.C. list for $2.00.  But also like many other areas, some fields are not publicly available to everyone. The $2.00 doesn’t buy you all the data types in the ransomedvc sample.   The following entry is from the National Conference of State Legislatures and shows access to state voter registration lists and what fields are kept confidential:

In D.C., the following fields are kept confidential: “Any part of SSN, DOB, email addresses, phone numbers, identify of voter registration agency where voter registered.” Image: DataBreaches.net.

So did ransomedvc gain access to a database with some confidential voter registration information? Yes, and a spokesperson for ransomedvc tells DataBreaches that the reference to 600k lines is because each line is a complete voter record. When DataBreaches recently  examined the BOE’s monthly statistics for 2023, it appeared that there were between 550-600k currently actively registered voters.

Ransomedvc informs DataBreaches that the data will be sold to one buyer only. The price was not publicly listed, but in October 2020, the U.S. Election Assistance Commission commented on such lists being sold and the pricing:

The price, availability, and type of data in the voter file varies state-by-state. The price of the statewide voter file ranges from $0 to $37,000. The relative availability of voter file information can be categorized as open (effectively no use restrictions), mixed (some restrictions for specific types of user groups), or restricted (some restrictions for specific types of user groups or complete restrictions for specific types of user groups). In general, even the least restrictive states prohibit the commercial use of voter file information, however the amount of PII (such as DOB or SSN) included in the voter file may remain significant and valuable to a variety of malicious actors.

With only 600k voters and not full SSN, the price for the current data set should be relatively low even though there are other types of personally identifiable information. Some prominent residents may have been able to get access to their data suppressed for safety reasons, but without the whole database available to DataBreaches, it was not possible to look at that question.

DataBreaches reached out to the D.C. BOE for a statement and was told a statement would be sent, but it was not received by press time.

The domain name was corrected post-publication to ransomedvc. It had erroneously been listed in an earlier version as ransomed.vc.

Update 1: The following statement was sent to DataBreaches by the D.C. BOE:

Washington, D.C.–On October 5, 2023, the District of Columbia Board of Elections (DCBOE) became aware that a hacking group known as RansomVC claimed to have breached DCBOE’s records and accessed 600,000 lines of US voter data, including DC voter records. 

While DCBOE is still investigating this matter, DCBOE has found that voter records were accessed through a breach of the web server of DataNet, DCBOE’s website hosting provider. No internal DCBOE databases or servers were directly compromised.

DCBOE has taken the following actions during the initial phase of our investigation:

  • DCBOE initiated an internal assessment and began working with its data security and federal government partners to investigate the breach. These partners include, but are not limited to, the Multi-State Information Sharing and Analysis Center (MS-ISAC), the Federal Bureau of Investigation (FBI), Homeland Security (DHS), and the Office of the Chief Technology Officer (OCTO). DCBOE is collaborating with MS-ISAC’s Computer Incident Response Team (CIRT) to resolve the issue.
  • DCBOE took down its website and replaced it with a maintenance page upon learning that our website was the source of the breach. 
  • DCBOE conducted vulnerability scans on our database, server, and other IT networks. 

DCBOE continues to assess the full extent of the breach, identify vulnerabilities, and take appropriate measures to secure voter data and systems.

It should be noted that in the District of Columbia, some voter registration data–such as voter names, addresses, voting records, and party affiliation–is public information, unless it has been made confidential in accordance with District of Columbia rules and regulations. DCBOE shares this information upon request in compliance with the law. 

This remains an active investigation and DCBOE will release additional information as it becomes available.

Related posts:

  • D.C. Board of Elections revises its estimate of data breach — could be entire voter roll
  • Colonial Pipeline was hacked. No, wait, Accenture was hacked. No, wait….. untangling claims. (2)
  • UPDATE: D.C. Board of Elections data breach contained fewer than 4,000 D.C. voters’ data
Category: Breach IncidentsGovernment SectorHackU.S.

Post navigation

← Parkers Chapel School District network hacked; FBI investigating
23andMe Cyberbreach Exposes DNA Data, Potential Family Ties →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group
  • Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
  • HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
  • HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
  • Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined
  • Five youths arrested on suspicion of phishing
  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets
  • Franklin, Tennessee Resident Sentenced to 30 Months in Federal Prison on Multiple Cyber Stalking Charges
  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.