A data dump containing the personal information of 4,934,863 Georgian voters was found for sale on underground forums
On Saturday, security researchers from Under the Breach discovered a listing on underground hacking forums that contained personal information of Georgian citizens. The data dump was 1.04 GB in size and was stored in a Microsoft Access database.
According to ZDNet,[1] the news outlet with which the discovered document was shared, it included personal information such as names, dates of birth, addresses, phone numbers, and ID numbers. The country of Georgia currently has about 3.7 million citizens, while the exposed database included 4,934,863 records – that is 1.2 million more than the entire population of the country. Around one-third of the current population is also made up of those who are unable to vote, such as children. The inconsistency comes from the fact that the database was not kept up to date properly, hence the information of the deceased was also included.
It is not yet clear who published the data dump or how the government will respond to the data breach, but the implications for the affected users could be serious.
The hacker claimed that the information was obtained from voters.cec.gov.ge
There is not much information available yet about the data breach, although the person who published the data on the underground forums claimed that the information comes from voters.cec.gov.ge, a government-owned website. This website is used by Georgian citizens to verify voter registration information online.
There is a possibility that the personal information of the Georgian voters was obtained via the Android app that offers the same functionality as voters.cec.gov.ge, although there is no evidence of this yet. Researchers believe that the data breach could have been performed with the help of a so-called brute-force tactic,[2] where malicious actors attempt to guess the login credentials with the help of a predetermined list of easily guessable passwords.
Currently, the voters.cec.gov.ge website is down – most likely due to the data breach that affected so many of the country's citizens. The ZDNet correspondent tried to contact the Central Election Commission of Georgia but did not receive a reply over the weekend.
Data breaches are serious problems not only for businesses but also for government organizations
The elections in Georgia are set to take place later this year, in October, and, considering this data breach, some people might refrain from voting altogether. The exposure of highly important personal information such as ID numbers could be really dangerous, as users could be subject to targeted phishing scams and bank fraud. It is evident that the government should take extra precautions to protect the information of its citizens.
Most recently, the developers of ransomware such as Maze,[3] Sodinokibi, DoppelPaymer[4] and others are now exposing sensitive information obtained from businesses and organizations. With coronavirus at its peak, governments and healthcare organizations have a lot to take care of, which, unfortunately, leaves cybersecurity forgotten. Mespinoza ransomware was recently spotted attacking the French government,[5] and the last voter data breach occurred in August 2019, when 80% of Chile had their information exposed due to an unprotected database.
Users affected by the data breach should immediately treat themselves as possible targets of phishing and other malicious attacks. The obtained information might also be used in other situations, such as committing credit card fraud. Georgian citizens should from now on monitor their online banking accounts and