UpGuard revealed that a misconfigured database made the personal information of 198 million U.S. voters publicly available to anyone who went looking for it. The security company said this is the "largest known data exposure of its kind," and that the data includes 1.1TB of "entirely unsecured personal information" collected by three data firms hired by the Republican National Committee (RNC) during the 2016 presidential election.
The fundamental problems which exposed this data are not rare, uncommon, or consigned to one side of the partisan divide; indeed, while those responsible for this exposure are of one party, the 198 million Americans affected span the entire political spectrum, their information revealed regardless of their political beliefs. The same factors that have resulted in thousands of previous data breaches—forgotten databases, third-party vendor risks, inappropriate permissions—combined with the RNC campaign operation to create a nearly unprecedented data breach. [...] Despite the breadth of this breach, it will doubtlessly be topped in the future—to a likely far more damaging effect—if the ethos of cyber resilience across all platforms does not become the common language of all internet-facing systems.
Political parties, private companies, and other organizations are only going to become more reliant on big data. Knowledge is power, after all, and databases like this hold all the knowledge that the powerful could want. It makes it easier for politicians to win elections, companies to target advertisements, and other organizations to boost their own effectiveness. Unfortunately, the apparent inability to secure this information means it will also be used to attack the people behind the data, whether it's by breaching an organization's systems or accessing a public server.