It has been reported that an advertisement on a forum that sells data breach information is also offering the personally identifiable details and voting history of millions of US residents. The estimated size of the cache is in excess of 35 million records. The announcement says that the data sold is from updated state-wide voter lists, and includes millions of phone numbers, full addresses, and names.
Commenting on this, Sam Curry, chief security officer at Cybereason, said “In the connected, digital world scale is massive and details matter; so it’s important to pay serious attention when the government calls for action. Scrutiny should be applied to check the details, but the potential for an incident is always there. We’ve all been waiting for a “Cyber Pearl Harbor” while listening to fear, uncertainty and doubt from vendors and scaremongers; but the possibility always exists. The call exists with or without hyperbole for resilience, anti-fragility, recoverability and great barriers-to-entry in our default stance. We could do a lot more to minimise the likelihood of an incident, to increase the difficulty for attackers and to ensure that today’s connected world, before we even think about the Internet of things, is more robust and safe for society.”