The Electoral Service of Chile confirms the authenticity of the data but denies a leak from the server. Election information from more than 14.3 million Chileans, 80% of the country's population, leaked onto the internet in an Elasticsearch database. ZDNet.com absorbs the leak from a member of the Wizcase research team, who proceed the server's IP address to this reporter last week, in order to identify the nature and source of the leak. We found that the database contained the names, residential addresses, gender, age, and tax identification numbers (RUT, or Rol Único Tributario) of 14,308,151 people.
ZDNet.com confirmed the validity and accuracy of this information with several of the persons whose data was contained in the database. A spokesperson for the Chilean Electoral Service (Servel) also confirmed the authenticity of the data but denied being responsible for the failed server.
Electoral registers dating from 2017
Our private sources and the spokesperson for Servel indicated that the data stored on the Elasticsearch server, hosted on the network of a US host, is at least two years old. "The information mentioned is data from 2017," a Servel spokesperson told ZDNet.com. While the agency had allowed third parties to access its data to create election-related applications, Servel said "access to critical service data is not given to outside companies."
The agency said it is mandated by Chilean law to keep the data up to date and provide an interface where voters can check the validity or update their information. This can be done through mobile apps or the official Servel website. At the moment the server is still online. The Wizcase team has published their own report on the data breach on their blog. WizCase researchers estimated that the server contained data "on almost all Chilean adults," including prominent politicians.