Personal data of 93.4 million Mexicans were made publicly available.

All Mexican citizens over 18 are present in the database.

The database size of 132 gigabytes, which contains registration data of 93.4 million Mexican voters, went online. The fact that the base lies on the AWS hosting and is available for viewing to everyone, said security specialist Chris Vickery (Chris Vickery) from the company Kromtech, developer of the program MacKeeper ¹ .

The base contains the name and surname of each citizen, the full address, voter identification number, date of birth, names of parents, occupation, etc. According to Vickery , information was available from MongoDB with incorrect configuration.

The specialist discovered the base on April 14 and immediately informed about the leakage of personal data of the US State Department and the Embassy of Mexico, but for eight days did not receive a response from them. Amazon also did not respond to complaints.
')
Only on April 22, Chris was able to contact the Mexican National Electoral Institute and ensure that the information was deleted from AWS. After that, he reported the incident on his blog. Official representatives of the Mexican Election Commission confirmed the authenticity of the data.

According to the expert, personal data has been in the public domain since September 2015, so it’s probably already gone online and posted elsewhere. The identity of the account holder on AWS is still unknown. Representatives of the electoral institute stated that they had calculated the culprit who had downloaded the base on the American AWS server - it was identified by “watermarks”, which were affixed to each copy of the database, which was provided to the political parties. In fact a criminal case .

According to Mexican law, the personal data of citizens is strictly confidential information, the publication of which provides for imprisonment for up to 12 years.

Although some records in the database are duplicated, but it contains information about all Mexican citizens over 18 who are eligible to vote. This is approximately 72% of the population.

Mexico is not the first country to encounter a leak of personal information about the majority of its citizens. Earlier in open access were observed bases of residents of Belize , Greece , Israel , the Philippines and Turkey . And the same Chris Vickery previously reported a base of 191 million American voters , which also “leaked” online due to an incorrect DBMS configuration ( edited screenshot ).

¹ Chris Vikkeri used to be an independent hacker, but in December 2015, he found online 13 million user names and passwords for MacKeeper , after which Kromtech invited him to work .