(Reuters) - An independent computer security researcher uncovered a database of information on 191 million voters that is exposed on the open Internet due to an incorrectly configured database, he said on Monday.
The database includes names, addresses, birth dates, party affiliations, phone numbers and emails of voters in all 50 U.S. states and Washington, researcher Chris Vickery said in a phone interview.
Vickery, a tech support specialist from Austin, Texas, said he found the information while looking for information exposed on the Web in a bid to raise awareness of data leaks.
"I want our society to respect privacy more," he said. "We need serious referendum on the way private data is handled."
RELATED GALLERY: Notable data breaches
Notable data breaches in the US
Researcher: Database of 191 million US voters exposed on Internet
Credit reporting company Equifax Inc. corporate offices are pictured in Atlanta, Georgia, U.S., September 8, 2017. REUTERS/Tami Chappell
LONDON, ENGLAND - AUGUST 19: A detail of the Ashley Madison website on August 19, 2015 in London, England. Hackers who stole customer information from the cheating site AshleyMadison.com dumped 9.7 gigabytes of data to the dark web on Tuesday fulfilling a threat to release sensitive information including account details, log-ins and credit card details, if Avid Life Media, the owner of the website didn't take Ashley Madison.com offline permanently. (Photo by Carl Court/Getty Images)
Katherine Archuleta, director of the U.S. Office of Personnel Management (OPM), speaks during a House Oversight and Government Reform Committee hearing on the OPM data breach in Washington, D.C., U.S., on Wednesday, June 24, 2015. U.S. senators said yesterday they doubt the government's personnel office understands the breadth of a computer hack that exposed the records of more than 4 million federal workers, or that the agency can stop another breach. Photographer: Andrew Harrer/Bloomberg via Getty Images
WASHINGTON, DC - JUNE 05: The entrance to the Theodore Roosevelt Federal Building that houses the Office of Personnel Management headquarters is shown June 5, 2015 in Washington, DC. U.S. investigators have said that at least four million current and former federal employees might have had their personal information stolen by Chinese hackers. (Photo by Mark Wilson/Getty Images)
SCHAUMBURG, IL - AUGUST 04: A statue of a horse stands at the entrance to a P.F. Chang's restaurant on August 4, 2014 in Schaumburg, Illinois. P.F. Chang's China Bistro Ltd. said today that the company experienced a data breach involving customers' credit and debit card information which affected 33 restaurants in 16 states, including the Schaumburg, Illinois location. (Photo by Scott Olson/Getty Images)
PORTLAND, ME - AUGUST 15: Shaws on Congress Street on Friday, July 15, 2014. Shaws parent company is investigating a possible data breach. (Photo by Logan Werlinger/Portland Press Herald via Getty Images)
COLMA, CA - APRIL 18: Customers enter a Michaels art and crafts store on April 18, 2014 in Colma, California. Michaels, the largest arts and crafts chain in the U.S., announced that an estimated 2.6 million cards used at its stores across the country may have been affected by a security breach. Aaron Brothers, a subsidiary of Michaels, was also affected by the breach. (Photo by Justin Sullivan/Getty Images)
CORAL GABLES, FL - FEBRUARY 28: A checkout keypad is seen at a Sears store on February 28, 2014 in Coral Gables, Florida. According to reports the U.S. Secret Service is investigating a possible digital attack at Sears Holdings Corp. (Photo by Joe Raedle/Getty Images)
A couple of shoppers leave a Target store on a rainy afternoon in Alhambra, California on December19, 2013, as the US retail giant said some 40 million customers may have had bank card data compromised by hackers who broke into its database as holiday shopping got underway. Target said there had been 'unauthorized access' to its payment system in US stores affecting credit and debit cards with approximately 40 million credit and debit cards possibly affected by the breach between November 27 and December 15, the company said in a statement. AFP PHOTO / Frederic J. Brown (Photo credit should read FREDERIC J. BROWN/AFP/Getty Images)
Discover More Like This
BACK TO SLIDE
He said he has uncovered about 80 exposed databases, including the recent reported exposure of data on millions of fans of Sanrio Co Ltd's Hello Kitty.
Vickery said he could not tell whether others had accessed the voter database, which took about a day to download.
While voter data is typically considered public information, it would be time-consuming and expensive to gather a database of all American voters. A trove of all U.S. voter data could be valuable to criminals looking for lists of large numbers of targets for a variety of fraud schemes.
"The alarming part is that the information is so concentrated," said Vickery.
Vickery said he has not been able to identify who controls the database. He said he is working with U.S. federal authorities to find the owner so they can remove it from public view. He declined to identify the agencies.
A representative with the Federal Bureau of Investigation declined to comment on the matter.
A representative with the U.S. Federal Elections Commission, which regulates campaign financing, said the agency does not have jurisdiction over protecting voter records.
Regulations on protecting voter data vary from state to state, with many states imposing no restrictions. California, for example, requires that voter data be used for political purposes only and not be available to persons outside of the United States, according to the website of NationBuilder, a company that sells voter records.
Privacy advocates said Vickery's findings were troubling.
"Privacy regulations are required so a person's political information can be kept private and safe," said Jeff Chester, executive director of the Washington-based Center for Digital Democracy. The leak was first reported by CSO Online and Databreaches.net, computer and privacy news sites that Vickery said helped him attempt to locate the database's owner.