Saturday, February 15, 2025
HomeCyber Security NewsFair Vote Canada Data Leak: 34k Email Addresses Leaked

Fair Vote Canada Data Leak: 34k Email Addresses Leaked

Published on

SIEM as a Service

Follow Us on Google News

Fair Vote Canada has disclosed a data leak affecting approximately 34,000 email addresses.

While the organization assures that no financial information was compromised, the incident has raised concerns about data security practices.

Fair Vote Canada revealed that the breach involved data from 2020, which inadvertently became publicly accessible via an external website.

The exposed information included names, phone numbers, addresses, email addresses, and details about donations, such as dates and amounts for some individuals.

Join ANY.RUN's FREE webinar on How to Improve Threat Investigations on Oct 23 - Register Here 

Significantly, no credit card or banking information was leaked.  The organization traced the source of the leak to a well-meaning volunteer who had been granted temporary access to the data for a specific task.

Unknown to Fair Vote Canada, this volunteer moved the data to a website where insufficient security measures led to accidental exposure.

Details of the Data Leak

Upon discovering the leak, Fair Vote Canada swiftly removed and deleted the data from the unauthorized location.

Valerie Brooks and Steve Hindle, Co-Chairs of Fair Vote Canada, emphasized their commitment to data security in a statement: “We understand that this data exposure, even without malicious intent or evidence of misuse, is troubling and unacceptable.”

Fair Vote Canada has implemented immediate measures to restrict database access exclusively to staff and contractors in response to the incident.

The organization is also adopting stricter digital security procedures to prevent future occurrences.

Fair Vote Canada has regretted the incident and is taking proactive steps to reassure its supporters.

The organization is urging anyone with questions or concerns to reach out via their official email.

How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide (PDF)

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Fake BSOD Attack Launched via Malicious Python Script

A peculiar malicious Python script has surfaced, employing an unusual and amusing anti-analysis trick...

SocGholish Malware Dropped from Hacked Web Pages using Weaponized ZIP Files

A recent wave of cyberattacks leveraging the SocGholish malware framework has been observed using...

Lazarus Group Targets Developers Worldwide with New Malware Tactic

North Korea's Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign...

North Korean IT Workers Penetrate Global Firms to Install System Backdoors

In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Fake BSOD Attack Launched via Malicious Python Script

A peculiar malicious Python script has surfaced, employing an unusual and amusing anti-analysis trick...

SocGholish Malware Dropped from Hacked Web Pages using Weaponized ZIP Files

A recent wave of cyberattacks leveraging the SocGholish malware framework has been observed using...

Lazarus Group Targets Developers Worldwide with New Malware Tactic

North Korea's Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign...