A Republican data firm called Deep Root Analytics compiled massive amounts of personal information on U.S. voters and then let it sit for 12 long days completely unprotected on the Internet.
The stunning security breach was discovered by a cybersecurity consultant and it does not appear foreign agents or other unauthorized parties accessed the data during the time it remained unprotected, even by a password, according to The Los Angeles Times.
Deep Root mined ‘deep’ information about the way individual Americans would likely vote by collecting information about their perceived political preferences from social media.
“This is a catalog of human lives, with intrinsic details,” said Mia Baukes, chief executive of the cybersecurity firm that discovered the unprotected file during a routine scan, in the LA Times report. “Every voter in America is potentially in there. The scale of it is just staggering, and the fact that it was left wide open is wholly irresponsible.”
Timothy Sparapani, a data privacy consultant in Washington DC who used to direct public policy for Facebook, said people should lose their jobs over the incident, adding there is little voters can do about breaches of this kind.
“As a voter, you are left with almost no recourse because our laws have not caught up to the massive computing power which is readily available to gather enormous data sets and make them searchable at the click of a button,” said Sparapani. “The breadth and depth of data collection by these companies is not well understood. If it were, I think the average voter would be frightened.”