U.S. Election Assistance Commission

A hacker speaking Russian was allegedly selling stolen login credentials for the U.S. Election Assistance Commission, a government organisation that tests and certifies voting technology, according to security firm Record Future.

A hacker going by the online handle Rasputin allegedly sold over 100 hacked login credentials for the U.S. Election Assistance Commission.

Subsequent investigation revealed a Russian hacker. This actor is referred to by Recorded Future as Rasputin requesting EAC database access credentials from a buyer.

Researchers found that some of these credentials possessed the highest administrative privileges, which could be exploited by a hacker to deploy an exploit kit to compromise specific users in a watering hole attack or steal confidential data from the US Election Assistance Commission.

Source: https://securityaffairs.com/54521/data-breach/eac-data-breach.html

"id": "USE257131123",
"linkid": "u-s-election-assistance-commission",
"type": "Data Leak",
"date": "12/2016",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"