DCBOE hack has compromised the voters’ information

November 14, 2023

A recent DCBOE hack could disrupt the election process after threat operators stole troves of voters’ data.

The District of Columbia Board of Elections (DCBOE) has confirmed on its website that it suffered a security breach and that the attackers stole voter data. DCBOE is an independent agency within the District of Columbia Government that oversees elections, ballot access, and voter registration. The agency confirmed that it is investigating a data leak involving an unknown number of voter records.

RansomedVC claimed responsibility for the DCBOE hack.

A ransomware group called RansomedVC said that they had orchestrated the DCBOE hack and alerted the entity about their actions.

According to investigations, the attackers acquired unauthorised access to the information through the web server of DataNet, the hosting provider for Washington D.C.’s election authority. Fortunately, the breach did not directly compromise DCBOE’s servers and internal systems.

In response to the breach, DCBOE has employed a third-party security response team and replaced its website with a maintenance page to mitigate the attack’s impact. In addition, the election board has contacted relevant law enforcement agencies, such as the FBI and the DHS, to evaluate the situation and assess its internal systems comprehensively.

Subsequently, DCBOE launched multiple vulnerability scans across its database, server, and IT networks to spot potential security vulnerabilities that might have enabled the attackers’ access to the stolen information.

On the other hand, RansomedVC claimed they had stolen more than 600,000 lines of U.S. voter data, including records of D.C. voters. They have emphasised that they want to sell the stolen data on the dark web, although the price remains undisclosed.

Furthermore, the ransomware group has provided a single record containing what they claim to be the personal details of a Washington, D.C., voter to prove the legitimacy of the compromised data.

The proof includes the individual’s names, registration IDs, voter IDs, partial Social Security numbers (SSNs), driver’s license numbers, dates of birth, phone numbers, and emails, among others. This disclosure is solid evidence in support of the attackers’ claim, since election authorities do not commonly give access to confidential information such as voters’ contact details and Social Security numbers.

Therefore, impacted voters should now be vigilant about unsolicited communications and suspicious emails, since the threat actors want to sell the data, and other actors could acquire it and use it for phishing attacks.
