By Amanda J. Katzenstein
In what is being described as the largest breach of U.S. electoral data, personal data relating to almost 200 million U.S. citizens was accidentally exposed by a Republican National Committee vendor. According to BBC, the 1.1 terabytes of data exposed “includes birthdates, home addresses, telephone numbers and political views of nearly 62% of the entire US population.”
Apart from personal data, the spreadsheets also included sensitive personal data about U.S. citizens regarding suspected religious affiliations, ethnicities and political biases, such as where they stood on issues like gun control, abortion and stem cell research. The information was collected from a wide range of sources including both Internet posts and in-person political fundraisers and was to be used by Republican political organizations. The spreadsheets were last updated in January due to the inauguration and had been online for an unknown period of time.
According to The Washington Post, one could access the data for 12 days as long as he or she had a link to the publicly accessible cloud server. Further, the breach was not the result of hacking. This breach underscores the necessity to train employees regarding privacy and security as well as implement strict technical safeguards to ensure that data, particularly sensitive personal data, remains secure. The breach also demonstrates the importance of people remaining vigilant regarding what information they share or is publically available online because the data can be used in ways not originally foreseen to them.
If you have additional questions regarding this topic or data breaches, please contact a member of the Polsinelli’s Privacy and Data Security practice.