The Federal Bureau of Investigation is conducting a criminal investigation into a post-election breach of the U.S. agency in charge of making sure voting machines meet security standards. The breach of the U.S. Election Assistance Commission became known after a security firm stumbled upon login information for the agency being sold at on underground electronic market, Reuters reported. The security firm, Recorded Future, is now working with law enforcement to probe the breach. So far, investigators say the hacker is a Russian speaker who got the login credentials for more than 100 staffers at the commission by exploiting a database vulnerability. He then reportedly tried to sell the information on the vulnerability to an undisclosed Middle Eastern government for thousands of dollars, though authorities became aware of the breach and patched the database weakness. “We don’t think he actually works for any government or is super-sophisticated,” said Andrei Barysevich of Recorded Future, who is researching the breach. The U.S. Election Assistance Commission released a statement Thursday claiming that no voter information was released in the breach, and that the commission “terminated access” to the affected web application immediately “upon detecting the intrusion.”
CHEAT SHEET
TOP 10 RIGHT NOW
- 1
- 2
- 4
- 5
- 7
- 8
- 9
- 10