People complain about legislative reform all the time because most times they are doing more bad than they are doing good. But if you’re one of those complainers and you’ve sent an email complain to your local or federal lawmaker regarding a legislative form, the chances are your message was sent via a form build by a political group from Washington DC.
The group in question is a little-known Washington DC group called Voter Voice. Voter Voice says that their system allows for lobbying firms and groups alike to alert citizens about any new issues, and part of their campaign is to message lawmakers regarding set issues.
But Voter Voice says that it’s more than just filling out a complaint form on a website. You are giving your name, your email address, and any other information that the form requires, and more than 21 million people have used this form and have sent more than 36 million messages till this day.
Source: responsepoint.com
Recently, Voter Voice had their storage servers exposed, and hundreds of thousands of emails and campaign data was stolen.
A Voter Voice security researcher, John Wethington, has managed to found the exposed storage server and even attempted to secure the stolen data. However, according to Wethington, Voter Voice has made no efforts in securing the stolen data whatsoever.
It is unknown how long the server in question was exposed, and the level of damage is also unclear. However, the server was created when FiscalNote acquired Voter Voice back in 2017.
What we do know is that a file containing almost 5,000 unique names, phone numbers and email addresses was very much jeopardized in the process. These are 5,000 unique American citizens who’ve composed the same four-paragraph text that they all sent to lawmakers regarding Medicare reforms. The file contains the names of each person and to which lawmakers they intended their message to be sent.
Source: Jan S. Gephardt’s Artdog Studio
Wethington said that organizations such as these, who provide the platforms for outreach, advocacy, and lobbying, hold the most sensitive information of hundreds of thousands of Americans who use their system. He also pointed out that this type of sensitive information could be very dangerous if placed in the hands of extremist groups.
This type of information is private and sensitive by nature, and if placed in the wrong hands, it could jeopardize the privacy of those people.
Voter Voice issued a statement saying that “Users should know that Voter Voice notifies its users about recent changes to the privacy policy. All communications with lawmakers, whether that’s through a public petition or private and direct contact with the lawmaker, are not private. These communications can easily be obtained via an FOIA or public information request to Congress.”
Voter Voice has issued another statement saying that “We are committed to the security and safety of our user’s information.” But Voter Voice doesn’t acknowledge that the server was exposed, doesn’t understand how long was exposed and doesn’t know how much information was jeopardized.
Source: Fort Worth
It is believed that almost 300,000 phone numbers, names and email addresses could be exposed from the server alone. And we are only certain about 5,000 of those.
