A Russian-speaking hacker was allegedly selling stolen login credentials for the U.S. Election Assistance Commission, a government organisation that tests and certifies voting technology, according to security firm Recorded Future.
A hacker going by the online handle Rasputin allegedly sold over 100 hacked login credentials for the U.S. Election Assistance Commission.
Subsequent investigation revealed a Russian hacker, referred to by Recorded Future as Rasputin, requesting EAC database access credentials from a buyer.
Researchers found that some of these credentials carried the highest administrative privileges, which a hacker could exploit to deploy an exploit kit and compromise specific users in a watering hole attack, or to steal confidential data from the U.S. Election Assistance Commission.
Source: https://securityaffairs.com/54521/data-breach/eac-data-breach.html
TPRM report: https://scoringcyber.rankiteo.com/company/u-s-election-assistance-commission
"id": "use257131123",
"linkid": "u-s-election-assistance-commission",
"type": "Data Leak",
"date": "12/2016",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Elections',
                        'location': 'United States',
                        'name': 'U.S. Election Assistance Commission',
                        'type': 'Government Organization'}],
 'attack_vector': ['Stolen Credentials'],
 'data_breach': {'number_of_records_exposed': 100,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Login credentials'},
 'description': 'A hacker speaking Russian was allegedly selling stolen login '
                'credentials for the U.S. Election Assistance Commission, a '
                'government organisation that tests and certifies voting '
                'technology, according to security firm Record Future.',
 'impact': {'data_compromised': 'Login credentials'},
 'motivation': 'Financial Gain',
 'references': [{'source': 'Record Future'}],
 'threat_actor': 'Rasputin',
 'title': 'Sale of Stolen U.S. Election Assistance Commission Credentials',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Compromised login credentials'}