The Rise Of Politically Identifiable Information

Next: Breach Detection Times Have Not Improved
Previous: The Security Industry Mindset: Black Hat 2015 vs....
Enormous amounts of compromised political information are floating around the dark web. And no one wants to talk about it.
Writer Emily W.
July 19, 2016

Emily serves as the VP of Research at Terbium Labs. With a background in International Relations, Emily alternates between quiet rants about Russian politics and foreign policy, while crafting blog posts about the realities of the Dark Web (hint: red rooms aren't real).

During the Super Tuesday primaries this year, while everyone was focused on the latest results, someone quietly leaked the names, home addresses, and contact information for every GOP delegate in a western state. The list was up for a day or two, and then went away, with no one in the media the wiser.

As the Republican National Convention gets underway, we are keeping a close eye on the appearance of new and politically relevant data. The leak of delegates during the primaries is a single data point in a long election cycle of data breaches and political leaks. Donald Trump was doxxed, and server information for his properties was exposed. A list reported to be his email contacts showed up online with names, positions, and contact information. The now infamous DNC breach resulted in a series of document leaks, with more appearing every week. What’s next?

These are only a small portion of the political PII that appears on the dark web day to day. Admittedly we’re seeing more as the election approaches - and we expect to see at least one more big leak sometime during the conventions, with another appearing as we head into election day. These election leaks are not outliers, however. We regularly see dumps of state and local government officials, the staff of a senator or interns of a congresswoman, or perhaps a detailed list of family members for an unpopular governor.

The politicians are exposed. The delegates are exposed. And, more pressingly, the voters are exposed.

Voting databases have also been in the news over the last several months, as one country or state after another faces issues with misconfigured databases or exploited voter lists - not the least of which is the 191 million records exposed at the end of 2015. These voting databases contain detailed personal information, voting history, and party affiliations, along with voter ID numbers. Voting databases aren’t the only source of exposure. Right now, there’s a full state’s Driver’s License database for sale on one of the major dark web markets, providing all of the same information accessible through a voter database.

Around the world and at a convention center in Ohio, all eyes are on the candidates. In the next few days we should have a final answer on the Republican nominee. The real question is, who’s watching their data?

analysis June 24, 2019
New Research: Terbium Labs Uncovers Pervasive Links Between Fraud and Transnational Crime

Terbium Labs investigated the links between payment fraud and serious transnational crime. This research begins to fill a gap in understanding about the use of fraudulent financing in some of the most heinous crimes...

analysis April 17, 2019
Terbium Labs Investigates Dark Web Fraud Guides for an Inside Look on Cyber Crime

With our latest research, Fraud Guides 101: Dark Web Lessons on How to Defraud Companies and Exploit Data, Terbium Labs investigates dark web fraud guides to create a detailed, first-hand account of the illicit...