The Rise Of Politically Identifiable Information

Next: Breach Detection Times Have Not Improved
Previous: The Security Industry Mindset: Black Hat 2015 vs....
Enormous amounts of compromised political information are floating around the dark web. And no one wants to talk about it.
Writer Emily W.
July 19, 2016

Emily serves as the Director of Analysis at Terbium Labs. With a background in International Relations, Emily alternates between quiet rants about Russian politics and foreign policy, while crafting blog posts about the realities of the Dark Web (hint: red rooms aren't real).

During the Super Tuesday primaries this year, while everyone was focused on the latest results, someone quietly leaked the names, home addresses, and contact information for every GOP delegate in a western state. The list was up for a day or two, and then went away, with no one in the media the wiser.

As the Republican National Convention gets underway, we are keeping a close eye on the appearance of new and politically relevant data. The leak of delegates during the primaries is a single data point in a long election cycle of data breaches and political leaks. Donald Trump was doxxed, and server information for his properties was exposed. A list reported to be his email contacts showed up online with names, positions, and contact information. The now infamous DNC breach resulted in a series of document leaks, with more appearing every week. What’s next?

These are only a small portion of the political PII that appears on the dark web day to day. Admittedly we’re seeing more as the election approaches - and we expect to see at least one more big leak sometime during the conventions, with another appearing as we head into election day. These election leaks are not outliers, however. We regularly see dumps of state and local government officials, the staff of a senator or interns of a congresswoman, or perhaps a detailed list of family members for an unpopular governor.

The politicians are exposed. The delegates are exposed. And, more pressingly, the voters are exposed.

Voting databases have also been in the news over the last several months, as one country or state after another faces issues with misconfigured databases or exploited voter lists - not the least of which is the 191 million records exposed at the end of 2015. These voting databases contain detailed personal information, voting history, and party affiliations, along with voter ID numbers. Voting databases aren’t the only source of exposure. Right now, there’s a full state’s Driver’s License database for sale on one of the major dark web markets, providing all of the same information accessible through a voter database.

Around the world and at a convention center in Ohio, all eyes are on the candidates. In the next few days we should have a final answer on the Republican nominee. The real question is, who’s watching their data?

RELATED ARTICLES
analysis October 08, 2018
The Nine Lives of a Stolen Payment Card

For financial institutions, simply cancelling and issuing a new card will only prevent fraudulent charges on that specific payment card—a canceled card does nothing to stop future fraudulent activity stemming from other compromised cardholder...

analysis October 02, 2018
The Truth About Dark Web Pricing

Asking how much data costs on the dark web is a good question, but the line of inquiry should not end there. In our research of the dark web, Terbium Labs not only examines...