A data analytics contractor used by Republicans exposed unsecured information about millions of potential voters to the internet without security, leaving it accessible to anyone to download without a password.
Deep Root Analytics kept voter information in databases contained in the Amazon cloud, the Hill reported Monday. The databases contained 25 terabytes of files.
The information was in a file folder titled "target_point" and could be accessed from the Amazon cloud account without logging in.
The voter data exposed 198 million "names, dates of birth, home addresses, phone numbers, and voter registration details, as well as data described as [algorithm-predicted] voter ethnicities and religions."
The breach was discovered by Chris Vickery, a researcher with the security firm UpGuard.
"In terms of the disc space used, this is the biggest exposure I've found. In terms of the scope and depth, this is the biggest one I've found," Vickery said.
Deep Root Analytics issued an apology.
"We take full responsibility for this situation," the contractor said in a statement.
The RNC spent $983,000 from January 2015 to November 2016 for Deep Root's assistance and $4.2 million for the services of TargetPoint, a firm that UpGuard says may have compiled and shared the compromised data with Deep Root.