Cybernews reports that Illinois' St. Clair County had 470,000 sensitive voter documents exposed for months due to a misconfigured Amazon S3 bucket used by the county clerk's office.
Information leaked by the Amazon S3 instance included Paperless Online Voter Applications, National Change of Address applications, and vote by mail ballot applications, which had individuals' names, birthdates, current and former addresses, Social Security numbers, ID numbers, driver's license numbers, phone numbers, email addresses, and signatures, according to Cybernews researchers. While the open bucket has already been secured by the St. County Clerk's office, voters across the county have been urged to be vigilant of possible malicious activity. "Exposing voter documents increases potential voter fraud and vote manipulation risk. Additionally, malicious actors could exploit this data for identity theft, financial fraud, or targeted phishing attempts, posing particular risks to vulnerable adults who rely on safeguards for their protection and confidentiality," said researchers.