The server contained data from Deep Root Analytics, which created a database of information from a variety of sources including the Republican National Committee, one of the company's clients. (It has since been secured, per the Hill.) In a post about the discovery Monday, UpGuard calls it "the largest known data exposure of its kind", pointing out that the data covers nearly all of the 200 million registered voters in the US. Those categories span almost every major political debate, including a voter's likely stance on abortion, gun control, stem cell research and environmental issues.
"The data that was accessed was, to the best of our knowledge, proprietary information, as well as voter data that is publicly available and readily provided by state government offices", Lundry said.
More information still came from The Kantar Group, an worldwide media and market research firm with hundreds of offices on six continents.
Political data breaches aren't just for the DNC anymore: A GOP data firm has accidentally leaked personal information on nearly all of the 200 million registered voters it had access to.
The databases appear to have been used by the three companies to support the last three Republican presidential campaigns, in 2008, 2012, and 2016.
According to a Gizmodo report, the RNC and other GOP organizations contracted the conservative firm Deep Root Analytics to gather audience data from multiple sources, such as Republican super PACs and Reddit, that were meant to be used for targeted political ads. DRA is said to have blocked public access to all of the server's data shortly after that disclosure.
According to UpGuard, the database had compiled detailed profiles on voters that the RNC used to help craft its shock win in the 2016 presidential race. If US citizens like it or not, their data had been exposed online a long time ago, and they'll never put the genie back in the bottle when it comes to their personal details. Massive databases of aggregated national voter rolls have become more valuable in political campaigns with each passing election, allowing for micro-targeting of campaigns down to the individual.
Gizmodo reports that Deep Root has accepted full responsibility for the oversight and corrected the issue, adding multiple layers of security to the data.
The fundamental problems which exposed this data are not rare, uncommon, or consigned to one side of the partisan divide; indeed, while those responsible for this exposure are of one party, the 198 million Americans affected span the entire political spectrum, their information revealed regardless of their political beliefs.
It's important to note that there's not much risk to the affected individuals, as the database has been secured and most of the information was already publicly available.
Since UpGuard noticed the leak last week, tech site Gizmodo has confirmed the ownership of the data belonged to Deep Root Analytics, a "conservative data firm that identifies audiences for political ads". If you're registered to vote in the US, it's likely that at least some of your information would have been stored in that file.
"Based on the information we have gathered thus far, we do not believe that our systems have been hacked", Lundry said.