Foreign hackers, with suspected Russian ties, have pilfered user voter records from two state election systems, from Arizona and Illinois, Yahoo News reported today.
The news publication said it had seen a secret “flash” alert sent out by the FBI to the State Board of Elections across the US.
The “flash” alert, titled “Targeting Activity Against State Board of Election Systems,” told state officials about the two hacks and urged them to audit their IT systems for any possible weaknesses that might be exploited by attackers.
Hackers stole 200,000 voter details from the state of Illinois
The alert didn’t include the name of the two hacked Board of Elections, but Yahoo says they’re Arizona and Illinois.
Ken Menzel, the general counsel of the Illinois Board of Elections, confirmed the breach to the Yahoo reporter and said the attack took place during ten days in July and the hackers managed to steal around 200,000 state voter records.
Attackers also compromised Arizona’s Board of Elections IT system, but did not manage to take any data, local officials told Yahoo.
ThreatConnect: Attacks may be linked to Russian-based hackers
An interesting detail included in the FBI alert was a list of eight IP addresses that the FBI considered suspicious and potentially linked to the intrusion. The FBI asked other states to check their logs for these IPs.
A ThreatConnect expert told Yahoo that one of the IPs was spotted on Russian underground hacking forums.
He also said the tools used to scan the state election systems for vulnerabilities are similar to the ones used by Russian threat actors in recent campaigns, more precisely in the hacking of the World Anti-Doping Agency (WADA) and Court of Arbitration for Sport (TAS, also CAS). ThreatConnect had previously linked the WADA attacks to the DNC and DCCC hacks, which they said were carried out by Russian state-sponsored cyber-intelligence groups.
US voter information is already out there
US voters panicking about having their voter information in the hands of Russian hackers should know that this past June, a US company leaked the personal details of 154 million voters. The same thing happened in December 2015, when another company leaked the personal details of over 191 million US voters.
This latter data made its way on the Dark Web and could be easily bought for a few Bitcoin. Most likely, this data is in the hands of more than just Russian hackers.
Either way, the FBI is more interested in preventing automated attacks that might leverage this data and attempt to rig the US Presidential election that’s to take place this fall.
