Privacy Ninja

Georgia County Voter Information Leaked By Ransomware Gang

Georgia County Voter Information Leaked By Ransomware Gang

The DoppelPaymer ransomware gang has released unencrypted data stolen from Hall County, Georgia, during a cyberattack earlier this month.

On October 7th, Hall County in Georgia announced that they had suffered a ransomware attack that impacted their networks and phone systems.

At the time, Hall County stated that there was no indication that the hackers stole any unencrypted data before performing the attack,

“At this time, there is no evidence to show that citizen or employee data has been compromised. However, citizens and employees are encouraged to take precautionary measures to monitor and protect their personal information,” Hall County stated.

Hall County data leaked by threat actors

Today, the DoppelPaymer ransomware gang published a little over 1 GB of unencrypted files stolen from Hall County computers and claim to have encrypted 2,464 devices during the attack.

Hall County data leaked on the DoppelPaymer site

The leaked data includes 911 spreadsheets, election documents, lobby comment cards, and accounting and financial records.

Also Read: Letter of Consent MOM: Getting the Details Right

List of leaked data

The election documents reviewed by BleepingComputer contain ballot proofs, poll worker lists, administrative documents, accounting and financial records, and city bulletins. Also included are voter registration records containing resident’s voter registration ID, full name, address, and assigned ballot, which is, for the most part, public information.

BleepingComputer has been told that at least one document contained a voter’s social security number.

While most of the information released as part of this leak is public info, the data can be used in targeted phishing attacks or even for voter intimidation.

Last week, the US government disclosed that Iran was behind voter intimidation emails sent to Democrats in Florida and Alaska that pretended to be from the far-right Proud Boys group.

Also Read: A Look at the Risk Assessment Form Singapore Government Requires

Outsourced DPO – It is mandatory to appoint a Data Protection Officer. Engage us today.

PDPA Training (SkillsFuture Eligible) – Empower data protection knowledge for your employees.

Vulnerability Assessment Penetration Testing – Find loopholes in your websites, mobile apps or systems.


Leave a Reply

Your email address will not be published. Required fields are marked *


Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.

Powered by WhatsApp Chat

× Chat with us on WhatsApp