Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Unprotected Database Exposes Details of 93.4 Million Mexican Voters
#1
[Image: unprotected-database-exposes-details-of-...3309-2.jpg]
The details of 93,424,710 Mexican voters were exposed online via an unprotected MongoDB database that had no admin password and was easily reachable via a public IP address.

MacKeeper security researcher Chris Vickery discovered the database on April 14, running on an Amazon AWS cloud server. Soon after he identified the data and realized what he was looking at, the researcher contacted the US State Department and later the State Department’s Office of Mexican Affairs.
"Database was secured eight days after being discovered"

After receiving no response, the researcher then contacted the US Secret Service, Department of Homeland Security, US-CERT, Amazon, and the Mexican embassy in the US.

Eight days later, Mexico's Instituto Federal Electoral (Federal Electoral Institute) (IFE) reached out to Mr. Vickery, thanked him for his efforts, and also informed him they secured the database.

IFE representatives told DataBreaches.net that the IP on which the server was running was not one of their own, that the database's total statistics did not match their own numbers, and that they'd start an investigation to see how the data ended up on a US-based Amazon server.

Mexican law prohibits companies from moving sensitive data o Mexican citizens across the border. The maximum penalty is six years in prison.
"Database didn't contain financial or biometrics information"

According to Vickery and DataBreaches.net, the database contained Mexican citizens' names, full addresses, dates of birth, mother's and father's name, current occupation, and their voter ID.

Vickery is the security researcher who also discovered the details of 191,337,174 US voters through another misconfigured MongoDB database.

Before this incident, the details of 55 million Filipinos were leaked after Anonymous and LulzSec Philippines hackers breached the COMELEC database at the start of the month. Prior to that incident, the details for 50 million Turks were also leaked online.
source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Over 60 million wearable, fitness tracking records exposed via unsecured database mrtrout 0 556 09-15-2021 , 03:24 AM
Last Post: mrtrout
  Unsecured Database Exposes Personal Data of 35M U.S. Citizens mrtrout 0 791 08-04-2021 , 04:37 AM
Last Post: mrtrout
  Data breach exposes information of more than 200,000 MultiCare staff, patients Bjyda 0 1,085 03-13-2021 , 12:07 AM
Last Post: Bjyda
  Telemarketing Biz Exposes 114,000 in Cloud Config Error Bjyda 0 1,046 03-03-2021 , 11:33 PM
Last Post: Bjyda
  Unprotected Private Key Allows Remote Hacking of Rockwell Controllers Bjyda 0 1,206 02-26-2021 , 11:04 PM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)