Almost 200m voting records

shochanshochan Member Posts: 1,004 ■■■■■■■■□□
Can ya predict when they are going to get their arses sued over this negligence??

https://www.wired.com/story/voter-records-exposed-database/

IMO, they should shut business until they can correct their security flaws...This is ridiculous. I am sure...you & I probably are listed in the documents leaked, IF you are a registered voter. I wonder if they made corrections to their IT dept yet...YOU'RE FIRED!
CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP

Comments

  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    Any evidence that this database was actually accessed? Some sample I can download? Magnet link?
  • p@r0tuXusp@r0tuXus Member Posts: 532 ■■■■□□□□□□
    I swear I remember reading an article about this back around Christmas. Maybe the numbers weren't as high, the investigation could have just been going for that long. I don't know. In the article it says no one else accessed the DB, so I doubt there's proof short of what the researcher is willing to open to the public. Also, article says Deep Root is still investigating. Sounds like 'posturing' speech to me to retain skittish clients. I wonder how much this report cost them.
    Completed: ITIL-F, A+, S+, CCENT, CCNA R|S
    In Progress: Linux+/LPIC-1, Python, Bash
    Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE
  • thomas_thomas_ Member Posts: 1,012 ■■■■■■■■□□
    It's sickening that companies and government entities completely ignore security, have a breach, and the only thing people get is free credit monitoring for two years. That's such a deal, now (smart) criminals will only have to wait 24 months before stealing my identity.

    The credit monitoring is such a joke. If your company oranization is part of a massive breach the company should be dissolved immediately and all assets sold and divided amongst the victims of the breach.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Company dissolved and assets distributed to victims? We wouldn't have any companies in this country anymore if we did that. This is a fact of life for any organization that retains any data about you and honestly I would probably say every company has been a victim of this. They either don't know or the info stolen didn't rise to the level of a reporting requirement. Fact is, we as consumers, are to blame. We want quick and convenient with security being of little importance to most of the masses.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • thomas_thomas_ Member Posts: 1,012 ■■■■■■■■□□
    Being exploited by a zero day is one thing, ignoring and being oblivious to best practices, not patching servers, using software/hardware past end of service is a completely different thing. Business executives and government officials need to be held accountable for allowing gross lapses in security to exist within their organization.
Sign In or Register to comment.