In late August, the FBI warned state election officials about an attack on voter registration databases from Illinois and Arizona.
“According to the FBI’s alert, ‘an unknown actor’ attacked a state election database by using widely available penetrating testing tools, including Acunetix, SQLMap, and DirBuster,” reported IDG’s Michael Kan. “The hackers then found an SQL injection vulnerability — a common attack point in websites — and exploited it to steal the data. The FBI has traced the attacks to eight IP addresses, which appear to be hosted from companies based in Bulgaria, the Netherlands, and Russia.”
It isn’t known whether these election database hacks are tied either to the DNC hack or other recent breaches, but Amit Ashbel, director of product marketing at Checkmarx believes it wasn’t part of a state-sponsored attack.
The following infographic from application security provider Checkmarx offers an overview of the election breaches, including how the attackers got in and what they stole.
Continue reading the article (and check out the Infographic) on CSO.