Hackers ‘may have had access to the full voter roll,’ Washington, DC officials say

Officials at Washington, D.C.’s Board of Elections (DCBOE) confirmed that hackers accessed the city’s voter rolls, which includes personal information such as partial Social Security numbers and driver’s license numbers.

The DCBOE said on Friday that it has been investigating claims made on October 5 by the RansomVC hacking group that 600,000 lines of U.S. voter data, including D.C. voter records, were accessed.

DCBOE said its third-party technology supplier DataNet Systems told them on Friday that the breached database server did contain a copy of the DCBOE’s voter roll. While voter rolls are publicly accessible, not all information is shared with those who acquire the database.

“DCBOE has confirmed that some DC voter information was accessed through a breach of DataNet Systems’ web server. No internal DCBOE databases or servers were directly compromised,” they said.

The officials added that DataNet Systems, which did not respond to requests for comment, could not say if or when the file was accessed or how many voter records were accessed.

IMPORTANT: On 10/5, DCBOE became aware of cybersecurity incident involving DC voter records. While the incident remains under investigation, DCBOE’s internal databases & servers were not compromised. Our full statement is pictured below & will be available on our website soon. pic.twitter.com/VCuhXOJLqK

— DC Board of Elections (@Vote4DC) October 6, 2023

DCBOE said it plans to reach out to all registered voters out of an abundance of caution and has hired incident response firm Mandiant to assist with their next steps. They are still in the process of investigating what happened.

The organization began its investigation on October 6 and is also working with the FBI, Homeland Security (DHS), and the Office of the Chief Technology Officer (OCTO) on assessing the situation.

They initially shut down the DCBOE website and subsequently conducted vulnerability scans on their database, server, and other IT networks.

By October 16, the agency confirmed that at least 4,000 people had their voter records between August 9, 2019 to January 25, 2022 leaked in the breach. The records “contained information from voters who participated in DCBOE’s canvass process, which is conducted every odd-numbered year to ensure the voter roll is up-to-date.”

The city is still reeling from revelations in March that hackers stole information from Washington, D.C.’s healthcare exchange platform that included the sensitive information of Congress members and staff.

Thousands of people who signed up for DC Health Link — a health insurance marketplace for D.C. residents —- had their names, ID numbers, policy IDs, Social Security numbers and more leaked in the attack.

The RansomVC gang boasted of the breach on its Telegram channel but has had a mixed record in terms of the veracity of its claims.

The group has caused alarm for attacks on Colonial Pipeline, Sony and a Hawaiʻi state government website. But several of its alleged victims, like U.S. credit agency TransUnion, have come forward to deny ever being breached by the group.

After emerging on August 15, it made waves for threatening victims with the prospect of European data breach fines.