The Washington D.C. Election Board, known formally as the District of Columbia Board of Elections (DCBOE), is currently investigating an alleged data leak. This incident reportedly involves an undisclosed number of voter records and is claimed by a hacker named RansomedVC.
The DCBOE is a self-governing entity within the District of Columbia Government, responsible for organizing elections, ensuring ballot availability, and managing voter registration.
Early investigations suggest that the data breach originated from the web server of DataNet, which hosts the election authority’s site for Washington, D.C. This means that DCBOE’s core servers and systems were not directly infiltrated.
In a statement, the DCBOE confirmed, “On 10/5, an incident related to cybersecurity concerning D.C. voter records came to our attention. Although investigations are ongoing, we’d like to clarify that our internal databases and servers remain secure.”
Upon detecting the breach’s source, the DCBOE, in conjunction with the MS-ISAC’s Computer Incident Response Team (CIRT), temporarily deactivated its official website, opting for a maintenance page instead.
To address this issue, the election board has been collaborating with cybersecurity specialists, the Federal Bureau of Investigation (FBI), and the Department of Homeland Security (DHS) to conduct an in-depth security evaluation of its internal systems.
In addition, the DCBOE has launched extensive security scans of its databases, servers, and IT infrastructure to pinpoint possible vulnerabilities that might have been exploited during this breach.
RansomedVC claims to have seized over 600,000 records from U.S. voters, specifically from D.C. They stated, “We’ve successfully accessed the District of Columbia Board Of Elections, obtaining over 600k USA Voter records.”
These purportedly stolen records are now listed for sale on the hacker’s dark web portal, though the selling price remains unknown. As evidence, RansomedVC has released a single record, supposedly showcasing the details of a D.C. voter. This data comprises the person’s name, registration and voter IDs, a fragment of their Social Security number, driving license number, birth date, phone, and email, among other details.
The Washington election board clarified in a statement, “It’s worth noting that certain voter registration details in the District of Columbia, such as names, addresses, voting histories, and party associations, are public. However, this is unless they are specifically marked confidential as per D.C.’s guidelines.”
However, confidential details like contact numbers and Social Security numbers aren’t shared by election boards.
The news of this data leak first reached public knowledge through DataBreaches.net. According to RansomedVC, they intend to sell these records to a solitary buyer.
Amidst these developments, another revelation has emerged. An unnamed insider informed Prior to RansomedVC’s claims the stolen database was allegedly up for sale on hacking forums BreachForums and Sinister.ly by a user dubbed pwncoder, but these posts have since disappeared.
Moreover, while RansomedVC recently proclaimed a breach of Sony’s systems, obtaining over 260GB of data, another hacker named MajorNelson contested these claims. The latter even unveiled a 2.4 GB data file, supposedly sourced from Sony, on BreachForums.