Chicago Board of Election Website Catastrophic Security Breach

More than 1.7 Million Registered Voters Have Personal Information Disclosed

Forensicon just uncovered and reported a massive security breach at the Chicago Board of Election’s website The last time this happened was back in 2006 when past and present Chairman of the Board of Elections ordered a computer forensics audit, yet here we are again with another major breach of voters’ personal information.

The security breach was discovered when Cyber Security and Computer Forensics firm, Forensicon’s President, Lee Neubecker, was attempting to access the Chicago Board of Elections website

“I wanted to compare voting patterns between Cleveland, Ohio’s Ward 5 that reported 99% voting rates for President Obama in certain precincts. When I visited the Chicago Board of Election’s website,, to compare election returns of demographically similar wards and precincts in Chicago, I discovered the site would not load. I then tried browsing The ftp port on did not require any authentication, but revealed the voter registration database username and password, among countless other data that should not be accessible to the public. A treasure trove of sensitive voter information such as driver’s license numbers, cell phone numbers, emails, dates of birth and more was revealed,” reported Neubecker.

Forensicon analysts have begun to review some of the compromised data in an attempt to quantify the scope of the information breached and inform the public. One unencrypted spreadsheet alone “fulldump.xls” last modified 11/6/2012 7:10AM contained sensitive information relating to over 1,200 individuals, including names, addresses, full driver’s license numbers, and the last 4 digits of their social security number. This is a massive security breach totaling approximately 5 Gigabytes of website code, registered voter information, election judge information, and much more.


11/16 1:26 pm – Forensicon has transferred all of the data captured from the publicly available site to the Federal Bureau of Investigation.

11/13 3:33 pm – The site is no longer accessible after Forensicon notified local government officials and law enforcement of the breach. However, the site is still active.

Tags: , , , ,

    Related Posts

  • FBI Uses Digital Forensics to Investigate Attacks - Recent Killings of Navy Sailor and Four Marines Demands Digital Forensics The recent killings of four Marines and a Navy sailor in Tennessee has FBI investigators following the gunman’s electronic trail in a search for the motive behind the shootings. Federal agents flew the computer, cellphone and other electronic devices belonging to Muhammad Youssef Abdulazeez[...Read More]
  • Ashley Madison Website Hack Exposes Cheaters - Adulterers and cheaters may have yet another reason to be nervous. An adultery website, Ashley Madison, confirmed it was the victim of a “criminal intrusion,” into its computer systems. This breach could potentially expose the extremely private details of as many as 37 million members. Avid Life Media, the company who owns Ashley Madison—as well[...Read More]
  • Detroit Zoo Latest Victim of Cyber Attack - Detroit Zoo Gift Shop Payment Processing Terminals Hacked The Detroit Zoo disclosed this week that their gift shop checkout terminals fell prey to hackers.  The impacted parties are believed to be limited to those individuals who made purchases from the gift shop using their credit cards. SSA Data Security Breach Service Systems Associates, a third-party[...Read More]
  • US Government Hacked – 4 Million Federal Employees PII at Risk - Recent news reports indicated that the U.S. Government suffered a major data breach that potentially impacted the employees of every federal agency.  The Office of Personnel Management (OPM), which handles security clearances and employee background checks, suffered a data breach potentially affecting more than 4 million individuals. The cyber footprints of the attack resemble that of[...Read More]
  • What Should My Organization Do To Prepare For a Data Breach? - Forensicon Blog Interview: Attorney Jena M. Valdetero Forensicon interviews privacy and data breach response attorney, Jena Valdetero, a partner with Bryan Cave LLP, on the topic of Data Breach Preparedness.  Valdetero provides further details on what organizations should do in order to be prepared for the eventual future data breach of their organization. About Jena[...Read More]


  1. FTP Breach | Unsecured FTP Site Unveils Personal Information Of More Than 1.7 Million Chicago Voters - November 29th, 2012

    […] FTP Site Unveils Personal Information Of More Than 1.7 Million Chicago VotersSecurity firm Forensicon stumbled across a wide open ftp site at the Chicago Board of Election last week. When […]

  2. Chicago Election Judges Received Misinformation Calls - Forensicon - November 6th, 2014

    […] in 2012, Forensicon’s President identified a security lapse of the website used by….  This was not the first time something like this […]

Leave a Reply