Cybersecurity firm UpGuard has discovered that personal information from over 1.8 million Chicago residents was unintentionally exposed by voting machine supplier Election Systems & Software (ES&S). The backup files of voter data were found on an Amazon Web Services device and weren't protected with a password.
After the firm found the data, the copy was secured and last Saturday, state and local authorities were notified. Once ES&S was alerted to the situation, the files were secured and the server they were found on was shut down. The company says that an investigation is ongoing and that the files, which contained names, addresses, dates of birth, partial Social Security numbers and some driver's license and state ID numbers, did not include ballot information or vote totals. ES&S also said that the files had no impact on registration records or election results and weren't connected to Chicago's voting systems.
Other data leaks discovered by UpGuard include one from political strategy company Deep Root Analytics that exposed data from almost 200 million people, one from Nice systems that released data from 14 million Verizon customers and a leak from defense contractor Booz Allen Hamilton that exposed classified intelligence data.
In a statement, ES&S said, "The company is in the process of reviewing all procedures and protocols, including those of its vendors, to ensure all data and systems are secure and prevent similar situations from occurring." UpGuard is assisting with the investigation.