The kind of information that Chris Vickery, a security researcher for MacKeeper, bumped into, on 14th April 2016, shocked him to the core. A database called “padron2015”, containing over 100 GB of data on an Amazon server revealed unprotected access into personal information of what looked like every registered Mexican voter including their national id codes, names, and residential addresses.
The discovered information was left out on a public Amazon server completely exposed without any hint of password protection securing it. Vickery immediately proceeded to report the matter to the officials of both Mexico and the U.S. However, as to who else already has had access to this information (since the date of availability of this info has not been confirmed) is not yet clear.
Since kidnapping is a fairly common practice in Mexico, the database can prove extremely dangerous if the drug cartels did manage to get their hands on such detailed personal info.
The hacked data has been available online since September 2015, according to CSO.
René Miranda Jaimes, the executive director of the Federal Register of Voters, confirmed the fact that the list was distributed to all the political parties in Mexico the previous year, as per the standard protocol of the local electorates. She expressed her concern on the matter: “We have some spectacular security holes in our law. On one hand we have to safeguard the confidentiality of the information, but on the other hand, we have to give a complete copy to political parties.”
The database was taken down last Friday after Vickery alerted the Mexican security officials about it. According to The Verge, Amazon has made it clear that they could not be held responsible for the confidential information becoming public knowledge; that while Amazon Web Services “manages security of the cloud, security in the cloud is the responsibility of the customer.”
For more technology news, you can subscribe to our newsletter. If you are a social media junkie and would like to receive updates on your timeline, then you can also like us on Facebook or follow us on Twitter.