Digital Shadows has identified a post on the English-speaking cybercriminal forum, RaidForums, alleging to possess a complete 2020 Wisconsin voter database. The author of the post provided a free download link to a database containing statewide voter and absentee data acquired from the "Badger Voters" site, a website established by the State of Wisconsin Elections Commission.
Before being posted on RaidForums, the data was allegedly obtained on the pro-conservative site "thedonald[.]win," where a user claimed to have paid $25,000 USD for the files and urged users to spread the data. The database contained personally identifiable information (PII) of Wisconsin citizens, including full names, physical addresses, email addresses, phone numbers, and more. According to researchers, the leaked information has the potential to enable threat actors to launch malicious campaigns, including spearphishing or other types of social engineering attacks, spread disinformation to influence future elections, or create the appearance of voter fraud.
The Digital Shadows team identified an additional database advertised on RaidForums that allegedly contained voter data for Pennsylvania citizens. This database was also shared on the "thedonald[.]win" site and maintained exposed PII, such as full names, dates of birth, and physical addresses.
Ivan Righi, cyber threat intelligence analyst with Digital Shadows, says, “While there are many leaked databases involving voter data from various states, most of these databases are outdated or incomplete. Advertisements for these specific datasets claim to be complete, up-to-date, and allegedly include complete Wisconsin and Pennsylvania 2020 voters' data. In addition, threat actors have expressed a high interest in it, meaning that they will likely leverage it to conduct criminal activities.”