Russian Darkweb shares personal data of nearly every voter in Michigan, plus a million more voters in four other states — Meduza

Russian Internet users have shared the personal data of nearly every voter in Michigan (7.6 million of the state’s 7.8 million voters), as well as the information of another million voters in Arkansas, Connecticut, North Carolina, and Florida, according to the newspaper Kommersant. The data recently appeared on a Darknet forum, posted by a user nicknamed “Gorka9.” A source at the security firm “InfoWatch” confirmed to Kommersant that the data is authentic, saying it was first released in late 2019.

For each American voter in the database, the following information is available: full name, date of birth, sex, date of registration, home address, zip code, email address, voter ID number, and polling station number.

According to Kommersant, the voter data was released online for free, but the newspaper says forum members apparently used the U.S. government’s own “Rewards for Justice” program to earn money on the stolen information by reporting the election interference to the State Department. One forum member told the newspaper that he received $4,000 for sharing a hyperlink with U.S. officials to the leaked database of Connecticut voters.

Washington has offered as much as $10 million “for information leading to the identification or location of any person who works with or for a foreign government for the purpose of interfering with U.S. elections through certain illegal cyber activities.”

On June 29, “Gorka9” posted the Michigan voter data on the cybercriminal forum XSS. Almost two months later, another user wrote that someone in a separate thread on the same forum claimed to have received $4,000 from the U.S. government for reporting a similar database of Connecticut voters’ information. “Fuck knows if it’s true, but you could probably try it. The whole point is that all these voter databases are available to the public, regardless of the state, but it’s entirely possible that the Americanos themselves don’t realize this,” the forum user wrote.

Vladimir Dryukov, the director of the “Rostelecom-Solar” cybersecurity company, told Kommersant that those responsible for acquiring the voter data likely earned money on the information by selling it to scammers before sharing it at XSS. Andrey Arsentiev, the head of analytics and special projects at InfoWatch, told the newspaper that such information dumps can also serve political purposes and theoretically be used to determine voter preferences, influence voter choices, and incite people to protest.

Writing on her Telegram channel, Russian political analyst Tatiana Stanovaya called Kommersant’s report “strange,” arguing that the article’s “clear subtext” is to fault the U.S. State Department for provoking leaks of American citizens’ data by rewarding Russian hackers for information about election interference. “The Kremlin appears to be preparing for allegations of [election] meddling,” Stanovaya wrote.

A hack, a leak, or nothing at all?

Alex Stamos, a cybersecurity expert and adjunct professor at Stanford’s Freeman-Spogli Institute, cautions against “jumping at shadows” in response to Kommersant‘s report. “This information is generally public and could have been taken from hundreds of customers of voter information brokers,” he explained on Twitter, adding, “Darkweb forums, especially ones in Russian, are chock full of free and paid data dumps like this with no immediate use.”

The Michigan Department of State denies that its system has been hacked, saying: “Public voter information in Michigan and elsewhere is accessible to anyone through a Freedom of Information Act request.” “We encourage all Michigan voters to be wary of attempts to ‘hack’ their minds,” state officials wrote on Twitter.

More about the U.S. ‘Rewards for Justice’ program in Russia Russians are receiving text messages about the U.S. State Department’s $10 million reward for information on election interference