RoboCent, a Virginia Beach-based political robocall firm, has exposed the personal details of hundreds of thousands of US voters, according to the findings of a security researcher who stumbled upon the company’s database online.
The researcher, Bob Diachenko of Kromtech Security, says he discovered the data using a recently launched online service called GrayhatWarfare that allows users to search publicly exposed Amazon Web Services data storage buckets. Such buckets should never be left exposed to public access, as they could hold sensitive data.
The server that drew Diachenko’s attention, this time, contained 2,584 files, which the researcher later connected to RoboCent.
The type of user data included: full name, address, phone numbers, political affiliation, age, gender, jurisdiction breakdown and demographic information.