Did you know that there are database records stored on Google? Anyone who wasn’t aware before certainly knows now, as a voter list containing around 154 million records was exposed, thanks to a small misconfiguration.

Security researched Chris Vickery of MacKeeper discovered the database leak, as The Daily Dot reports, which was exposed due to a misconfiguration in a CouchDB installation. As such, a massive amount of voter information was left exposed and unprotected on the Internet, and similar information is already for sale on the dark web.

The information includes the basics, such as names, addresses, and phone numbers. However, given that it is information about voter records, it also includes congressional districts, political party alignments, estimated income, ethnicity, and even voter frequency. Certain fields even had additional information such as gun ownership, level of education, estimated income, and even likelihood of having children.

Further investigation determined that the list was linked to L2 Political, a company that specializes in political data services, which in turn explained that it belonged to one of their clients. The client was informed, and told L2 that they were hacked and had their firewall taken down, hence the breach. Without the firewall, Softpedia notes, anyone could find the information just by scanning for unprotected CouchDB servers (as Vickery did).

The database was secured shortly after L2 was notified, so the information is now safe. The responsible parties are currently unknown, however, and the information the records contained could be used for any number of purposes. This breach could impact voters across the United States, so it stands as another reason why both security and swift responses to breaches are vital.

Photo by joebeone