D.C. Voter Data Leak: What We Know So Far

The District of Columbia Board of Elections (DCBOE) has reported a security incident involving the breach of a web server hosted by DataNet Systems, a hosting provider. This breach, which occurred in early October, potentially allowed unauthorized access to the personal information of all registered voters in the district.

The compromised voter roll contains a large amount of personally identifiable information (PII), including driver’s license numbers, dates of birth, partial social security numbers, and contact information such as phone numbers and email addresses.

In response to this breach, DCBOE issued a statement via Twitter, acknowledging the potential exposure of the entire voter roll: “Today, DCBOE learned the full voter roll MAY have been accessed in the breach of DataNet Systems’ database server.”

However, DCBOE noted that DataNet Systems couldn’t determine whether or when this voter data file had been accessed or how many voter records, if any, were compromised. In light of this situation, DCBOE is taking a proactive approach to safeguarding voter data.

As a precaution, DCBOE plans to reach out to all registered voters affected by the breach. 

The Breach Timeline

On October 5, 2023, DCBOE became aware of the breach, currently attributed to a threat actor known as RansomVC. This actor claimed to have stolen approximately 600,000 lines of U.S. voter data, including D.C. voters’ records.

Upon discovering the attack, DCBOE, in collaboration with MS-ISAC’s Computer Incident Response Team (CIRT), swiftly took down its website and replaced it with a maintenance page to contain the situation, having identified the website as the point of entry for the breach.

Further investigations revealed that the attackers gained access to voter data through DataNet’s web server, which hosts services for Washington D.C.’s election authority. Importantly, no DCBOE databases or servers were directly compromised during this incident.

Efforts to address the breach are ongoing, with the involvement of external cybersecurity experts, the Federal Bureau of Investigation (FBI), and the Department of Homeland Security (DHS). The primary focus is on assessing the extent of the breach, identifying the attack vectors, and implementing measures to secure voter data and election systems.
