D.C. voter records for sale in cybercrime forum

The District of Columbia Board of Elections became aware Thursday of the breach, which occurred via its hosting provider.
A District of Columbia flag is seen in front of the White House June 9, 2017 in Washington, DC. (BRENDAN SMIALOWSKI/AFP via Getty Images)

A hacking group breached Washington, D.C.’s local election authority, accessing 600,000 lines of voter data, the District of Columbia Board of Elections confirmed in a statement to CyberScoop on Friday. 

A user calling itself “pwncoder” claimed in a Tuesday post in an online forum where stolen data is bought and sold that they had breached the DC Board of Elections and offered to sell the data, which included the last four digits of voters’ social security numbers, driver’s license numbers and addresses, among other data. 

The board became aware of the breach Thursday, found that the voter records were accessed via a breach of its website hosting provider and attributed the attack to a group called RansomVC, which has been accused in the past of claiming credit for attacks carried out by others. As of Friday, the agency has taken its website offline. 

The breach of the Washington election authority is the second major cybersecurity incident affecting the U.S. capital this year, following an incident targeting the city’s health insurance exchange. In that incident, the personal data of senior national security officials leaked online. Given the large numbers of government officials living and voting in the city, this week’s breach may once again include high-level current and former officials. 


“DCBOE continues to assess the full extent of the breach, identify vulnerabilities and take appropriate measures to secure voter data and systems,” the agency said in its statement. “This remains an active investigation and DCBOE will release additional information as it becomes available.”

DCBOE said it is working with the Federal Bureau of Investigation, the Department of Homeland Security and industry groups to investigate the incident. The board has also conducted vulnerability scans on its “database, server and other IT networks” but said its databases and servers were not directly compromised in the breach. 

Some voter registration information — such as voter names, addresses and party affiliation — is public information, unless it has been designated as confidential per D.C.’s rules and regulations. Voting registration record information is also shared as part of this information in accordance with the Freedom of Information Act, according to the Board of Elections. 

AJ Vicens contributed reporting to this article. 

Caroline Nihill

Written by Caroline Nihill

Caroline Nihill is a reporter for FedScoop in Washington, D.C., covering federal IT. Her reporting has included the tracking of artificial intelligence governance from the White House and Congress, as well as modernization efforts across the federal government. Caroline was previously an editorial fellow for Scoop News Group, writing for FedScoop, StateScoop, CyberScoop, EdScoop and DefenseScoop. She earned her bachelor’s in media and journalism from the University of North Carolina at Chapel Hill after transferring from the University of Mississippi.

Latest Podcasts