Political campaigns collect tons of data, but they’re terrible at protecting it

Over the last three months, more than 100 million US voters have had their data exposed online. These data breaches weren’t caused by a sophisticated hack or malware. Instead, political campaigns' abysmal cybersecurity practices are to blame. Although modern campaigns constantly acquire and purchase massive amounts of data, they often neglect to fully beef up security surrounding it, effectively turning the campaigns into sitting ducks — huge operations with databases left open and vulnerable. Most people understand that free online services monetize their business by collecting data. Users know the unspoken deal they’re agreeing to when they sign up for something. However, this isn’t the case when it comes to voter data. It’s typically a surprise to people — even those who work in the industry — how much data is collected on voters and how much of it is considered public. In addition to public data, campaigns purchase information from brokers, or companies that make their money selling information about people.

The amount of data obtained is troubling, but perhaps more troubling is the fact that political campaigns are terrible at cybersecurity. Not only do the organizations have access to more information than ever before, they’re not able to keep it safe. The incentives to do so just don't exist, and that's why we're seeing so much compromised voter data.