Protecting the privacy and data of US citizens seems to be a true assault course.
Remember, on last June 12, a leak of nearly 25 terabytes of “sensitive” data was revealed by security researcher Chris Vickery. This file hosted on unsecured Amazone cloud contained address, political orientation, skin color, etc. of 198 million American voters.
In this lineage, a new leak was uncovered. This time, it is a leak of data of the same ilk and coming from the voting machines of Illinois. Approximately 2 million voters of this state are concerned. Again, it is a non-secure Amazon Web Service server that is involved. A discovery that we owe to Jon Hendren, of the society of “cyber resilience” : Upguard.
If this incident does not in itself call into question the sincerity of the votes listed on the machines, it discredits the manufacturer, Election Systems & Software (ES & S), a heavyweight firm in the election business sector. Nowadays, it should be emphasized this company provides 42 states of the United States. The latter defended himself of any immobilism and claimed to have intervened after being contacted by the forces of the order. It also states that the voting information itself (who did the voters choose?) was not part of the accessible data.
This case arises in a tight post-election context and encourages greater vigilance regarding the regular updating of tools and their access procedures. These cases beyond U.S. borders since citizens of Turkey, Philippines and Mexico were victims of these data theft. A reflection on the cloud outsourcing must also weigh the relevance of the choice of data management.
To quote an unfortunate candidate for the US Presidential, “In the digital age, privacy must be a priority” (Al Gore). This story is a painful reminder…