A Silicon Valley cyber security startup came across some sensitive voting records left unprotected by a political consultant hired by the Republican National Committee to research voters.
Mountain View-based Upguard found personal information for about 200 million voters that had been exposed for nearly two weeks.
"This isn't something that anyone wants out in the public," Upguard CEO Mike Baukes said.
Whether Democrat, Republican or Independent, the personal data was left out in the open for 12 days, Upguard said. Date of birth, email addresses, locations, data modeling ethnicity and religious behaviors were some of the data left open, the firm said.
"Break of our trust to the voter registration process, break of our trust to our party, and now anybody within the 12 days can grab our information and do anything with that," said Melody Moh, a cyber security professor at San Jose State University.
The most shocking part, perhaps, is how easy it was to get the information if someone wished to.
"The reality is anyone could have done this," Baukes said.
Even scarier: The consultant said some of the data related to voting preferences were found by scouring social media.
Upguard wasn't sure whether anyone accessed the data before the mistake was discovered.