conservative voter analytics company leaked data on pretty much everyone

post reply Forum Index » Political Discussion
[Post New]06/19/2017 09:08
quote
Anonymous
http://gizmodo.com/gop-data-firm-accidentally-leaks-personal-details-of-ne-1796211612

The whole enchilada, compiled by a large number of conservative organizations and compiled by Deep Root Analytics, was left entirely unsecured on an Amazon web server. 200 million voters.
[Post New]06/19/2017 09:38
quote
Anonymous
Anonymous wrote:http://gizmodo.com/gop-data-firm-accidentally-leaks-personal-details-of-ne-1796211612

The whole enchilada, compiled by a large number of conservative organizations and compiled by Deep Root Analytics, was left entirely unsecured on an Amazon web server. 200 million voters.


I still want to know more about how they got the voter info in the first place - there's been a lot of talk of these folks buying data from hackers, or at least that's being talked about with Cambridge Analytica.
[Post New]06/19/2017 11:14
quote
jsteele
Site Admin Offline
It is sad that this story will probably not get much attention and, when it does, will be viewed through partisan lenses. It looks like the personal information of nearly every registered voter was exposed. This is outrageous.
[Post New]06/19/2017 11:20
quote
Anonymous
Rs not liking hacking now, are they? Karma.
[Post New]06/19/2017 11:39
quote
jsteele
Site Admin Offline
Anonymous wrote:Rs not liking hacking now, are they? Karma.


This is not even hacking. This is sheer incompetence.
[Post New]06/19/2017 11:57
quote
Anonymous
jsteele wrote:
Anonymous wrote:Rs not liking hacking now, are they? Karma.


This is not even hacking. This is sheer incompetence.


Speaking of incompetence, this does bring up the infamous Trump tweet: "Gross negligence by the Democratic National Committee allowed hacking to take place.The Republican National Committee had strong defense!"

I guess the shoe is on the other foot today.
[Post New]06/19/2017 12:02
quote
Anonymous
jsteele wrote:
Anonymous wrote:Rs not liking hacking now, are they? Karma.

This is not even hacking. This is sheer incompetence.

Incompetence coupled with a lack of good security protocols and standards for storing personal data for a purpose that isn't explicitly covered by some existing protocol like PCI or HIPAA.

I think regulation is required around PII held by third parties, but obviously that's highly unlikely under the current Administration. I want to blame the company for incompetence, but this kind of thing is more common than anyone would like. I think having standards, best practices, and compliance requirements is the only way to avoid these kinds of things.
[Post New]06/19/2017 12:09
quote
Anonymous
Anonymous wrote:
jsteele wrote:
Anonymous wrote:Rs not liking hacking now, are they? Karma.

This is not even hacking. This is sheer incompetence.

Incompetence coupled with a lack of good security protocols and standards for storing personal data for a purpose that isn't explicitly covered by some existing protocol like PCI or HIPAA.

I think regulation is required around PII held by third parties, but obviously that's highly unlikely under the current Administration. I want to blame the company for incompetence, but this kind of thing is more common than anyone would like. I think having standards, best practices, and compliance requirements is the only way to avoid these kinds of things.


In theory they are subject to data breach notification laws in most states.
[Post New]06/19/2017 12:17
quote
Anonymous
Anonymous wrote:
Anonymous wrote:
jsteele wrote:
Anonymous wrote:Rs not liking hacking now, are they? Karma.

This is not even hacking. This is sheer incompetence.

Incompetence coupled with a lack of good security protocols and standards for storing personal data for a purpose that isn't explicitly covered by some existing protocol like PCI or HIPAA.

I think regulation is required around PII held by third parties, but obviously that's highly unlikely under the current Administration. I want to blame the company for incompetence, but this kind of thing is more common than anyone would like. I think having standards, best practices, and compliance requirements is the only way to avoid these kinds of things.

In theory they are subject to data breach notification laws in most states.

But this is after the fact...it's better than nothing, but we could do a lot more...it's particularly interesting to think of it w.r.t. voter profiling (which goes back to Obama), since you could potentially make a stronger case related to government interests in protecting this data.
[Post New]06/19/2017 13:48
quote
Anonymous
This is 200 million voters. Doesn't that pretty much include every single us citizen who is registered to vote?? I guess I'm naive but I didn't think States were allowed to share that info.
post reply Forum Index » Political Discussion
Message Quick Reply
Go to: 

Search   Recent Topics   Hottest Topics