International Business Times has broken the news that a database reportedly containing roughly 93.4 million Mexican voter registration records was discovered on an Amazon cloud server without any password protection and includes everything from home addresses to ID numbers.
Alex Cruz Farmer, VP of Cloud at NSFOCUS IB, says: “This is a significant breach, and what makes it worse is that the data was being held outside of Mexico. Mexico has quite strict data governance rules, whereby data must be kept within Mexico and, if it is exported for any reason, the data owner must have the authority of the data subject before the data can be exported. In this instance, it’s clear that the data has landed on an Amazon Web Services server somewhere in the world. Knowing their geographical regions well, AWS today do not have any locations in South America. As Mr Vickery has quite rightly raised, the concern over what the data could be used for is extremely distressing. In the last month alone, there has been more than 200+ million personal records leaked, security must become a priority.”