Democratic Senate Campaign Group Exposed 6.2 Million Americans' Emails (techcrunch.com) 105
A political campaign group working to elect Democratic senators left a spreadsheet containing the email addresses of 6.2 million Americans' on an exposed server. From a report: Data breach researchers at security firm UpGuard found the data in late July, and traced the storage bucket back to a former staffer at the Democratic Senatorial Campaign Committee, an organization that seeks grassroots donations and contributions to help elect Democratic candidates to the U.S. Senate. Following the discovery, UpGuard researchers reached out to the DSCC and the storage bucket was secured within a few hours. The researchers published shared their findings exclusively with TechCrunch and published their findings. The spreadsheet was titled "EmailExcludeClinton.csv" and was found in a similarly named unprotected Amazon S3 bucket without a password. The file was uploaded in 2010 -- a year after former Democratic senator and presidential candidate Hillary Clinton, whom the data is believed to be named after, became secretary of state. UpGuard said the data may be of people "who had opted out or should otherwise be excludedâ from the committee's marketing.
To be fair (Score:5, Insightful)
Leaking sensitive emails is kind of a Democrat hallmark, this is simply them being extremely on-brand.
Re: (Score:1, Insightful)
Of course, turns out that the Trump administration uses private email servers all the time-- much much more than Hillary Clinton did. If you're wondering why Trump is not saying "lock her up" any more, it's because that would mean locking up his whole family:
https://www.newsweek. [newsweek.com]
It was compromised many times (Score:2, Interesting)
The mildly ironic facts are that the private server Hillary used for email never got compromised
Remember, it is the private server kept in a bathroom closet in Denver.
Along with that awesome opec, you can of course assume it was breached multiple times via network - and in fact there is evidence that at least China [washingtonexaminer.com] had.
The FBI claims there was no evidence - the same FBI that covered for Clinton and decided she would not be prosecuted before they even started investigating, so yeah.
Re: (Score:2)
ROFL. Check out the idiot using CNN as a source.
Re: (Score:2)
Zombocom? (Score:2)
News sources [Re:To be fair] (Score:5, Informative)
ROFL. Check out the idiot using CNN as a source.
I linked to:
1. https://www.cnn.com/2015/03/10... [cnn.com]
2. https://www.newsweek.com/trump... [newsweek.com] [newsweek.com]
3. https://www.cbsnews.com/news/j... [cbsnews.com]
4. https://talkingpointsmemo.com/... [talkingpointsmemo.com]
5. https://www.nytimes.com/2019/0... [nytimes.com]
CNN is the only one of these that makes you say "look at the idiot"?
Or you think that every legitimate news source is fake? If you have an ideology that tells you that you can discard all information that disagrees with you, you will never have your ideas challenged.
(OK, I'll admit, one of these is talkingpointsmemo, which I don't usually link as a reliable news source. It happened to include different details, though, so I included it in with the other four as a different perspective.)
Re: (Score:2)
Check out the idiot using CNN as a source.
Criticizing someone's sources, while providing none of your own, is tantamount to admitting that you have lost the argument.
Re: (Score:2)
https://www.vox.com/2016/9/8/1... [vox.com]
https://www.politico.com/story... [politico.com]
Re:To be fair (Score:5, Informative)
Wrong. Powell told her to use private email for private business and government email for official business, don't mix them.
She used the server in her bathroom for everything.
Re:To be fair (Score:5, Insightful)
Alas, if Powell told her to do so, and did so himself, then he was also guilty of breaking the law.
And a former Senator, former First Lady should have known better, and brought charges against Powell if he had, in fact, told her he used a private email server....
Re: (Score:2)
unsecured servers containing top secret data > personal email account
Re: (Score:3)
The mildly ironic facts are that the private server Hillary used for email never got compromised, while the State departartment server that she was supposed to have used for email did get hacked: https://www.cnn.com/2015/03/10... [cnn.com]
You quote CNN as if they are someone who "Would Know" if a server had been hacked. Puuuuuuhlease!
Re: (Score:2)
The mildly ironic facts are that the private server Hillary used for email never got compromised,
False [washingtonexaminer.com]. At least the FBI documents show her email server's information was all over the dark web.
Re: (Score:2)
If Obama had wanted hillary to be able to use those server he could have authorized her to do so, he never did. even then she would not have been allowed to share the classified material like she did.
Re: (Score:2)
Re: (Score:1)
Re: (Score:3)
While I voted against her, I personally don't think any of what she did with regards to her email warranted any locking up. But it needed to be known because it is reflective of her state of mind: she's the kind of person who believes the whole world is out to get her and she can only trust herself. (There are instances in her childhood that were publicly talked about, some even by herself, that confirm that idea.) Her setting up the private email server was merely a consequence of that. Her pattern of beha
Re: (Score:2)
I personally don't think any of what she did with regards to her email warranted any locking up.
I'm reserving judgement until after a damage assessment by the ODNI is released to the public. Last time I checked, Judicial Watch was still suing for that. [judicialwatch.org]
Re: (Score:1)
leaking emails is a hallmark of group that has a history of emails because other group does it too!!!
nice whataboutism.
Actually, in this case, it's not whataboutism. If both do it, then it's not a hallmark (a distinctive characteristic [slashdot.org]).
Re:To be fair (Score:5, Insightful)
Can't we just agree both sides are sloppy with security instead of dive into a your-party-is-more-evil-than-my-party squabble?
Re: (Score:1)
Unfortunately, no. We really can't.
I mean, we had two mass shootings this weekend. One that can be twisted to be conservative (he was an "eco-fascist"), and one that claimed to be a socialist Satanist that supported Elizabeth Warren. But, all you hear about is how it is all our President's fault. You can't make this silliness up.
Re: (Score:1)
I'm addressing the subject of being careful with personal and sensitive data. Not the parties in general. Scope creep?
The DNC was hacked (Score:5, Funny)
So they say (Score:2)
Only Crowdstrike had access to the servers [zerohedge.com], and the DNC refused to turn over the drives to the FBI for forensic analysis.
If the chain of custody for evidence is non existent, it doesn't matter how many other consultant groups back that assessment. Only a fool trusts a source with such a high conflict of interest.
Re: (Score:2)
Oh, you wanted to opt out? (Score:2)
Be a shame if we gave everyone in the world your contact information...
6.2 million rows in one spreadsheet? (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Excel has a limit 1048576 rows. So they must have multiple sheets.
Still it does seem as a very stupid way of distributing the data so that users can easily access it.
Campaign Finance Laws be dammed! (Score:5, Informative)
This is common practice, believe it or not, to get around campaign finance laws... How so you ask? Well...
There are campaign finance dollar limits and those limits apply to actual dollars as well as services or things. So, you cannot bypass the campaign finance limits by giving the campaign free rent or free IT equipment. Anything you give a campaign of value must be reported. There are similar reporting requirements and limits for what one campaign can give to another.
So how's this "breach" supposed to get around these rules? It works this way, you don't have to claim data that you "found" sitting on a public server, so one campaign throws up the data they want to give to another campaign up on some publicly accessible server, usually in an obscure location. Then the receiving campaign mysteriously finds this public data, downloads a copy and uses it, without having to report it as a donation from the other campaign. This doesn't impact the dollar limits..
Oh, and YES, being based on a recent court decision which declares "information found in public to be free" this is pretty common.
Former staffer? (Score:2)
A former staffer should not have these data. Did he steal the data?
Re: (Score:1)
6.2 million entries in a spreadsheet... (Score:2)
That's pretty impressive... Assuming that they are using Excel, each tab (worksheet) can have about 1 million rows... so somehow they managed to spread the data over multiple sheets.
And if there was any other data in the workbook, it's a lot of data to manage in an Excel file. At least use something like Access.... (just kidding). I wonder how long F9 took?
Obligatory XKCD: https://m.xkcd.com/2180/ [xkcd.com]
Re: (Score:2)
Since it was named "EmailExcludeClinton.csv" it was probably not Excel and not even a spreadsheet
Just a plain text file ..... Limit is either 4GB or 16TB ....
Re: (Score:2)
indeed most people think a "csv is an excel file" since it's presented as such in Windows and opens Excel when double clicked. Don't overestimate the typical office computer user, calling them tards would be insult to the actually mentally retarded.
Re: (Score:2)
You obviously don't work in IT and watch users call .csv "Excel files"
you are ignorant of the working world, probably a manlette sponging off your mother.
Re: (Score:2)
Re: (Score:1)
You tell me.
My email is Timothy.Hollins.Gimp-for-hire@gmail.com
This explains ... (Score:2)