A mailing list containing nearly 10,000 Colorado NRA supporters’ names and home addresses has been accidentally posted online, exposing sensitive data to anyone searching on Google.
Cybernews received a message from a reader who claimed that they were searching for a friend on Google and saw that Friends of NRA had accidentally posted a 1.1MB mailing list with names and home addresses on its website, which was indexed by search engines.
Cybernews researchers have investigated the claim and found that the data set is likely from 2018. The list included contact data of nearly 10,000 Colorado customers who signed up for raffles and services on the friendsofnra.org website.
The leak most likely happened due to negligence and human error, as such misconfigurations are very common.
Friends of NRA is a non-profit organization that supports shooting sports and firearms education programs. It’s primarily a fundraising program for the National Rifle Association of America (NRA) Foundation.
“The impact of a data leak is limited as there are only names and home addresses,” Cybernews researchers said.
“Also, the data is seven years old, so it might not be current anymore. Still, leaking such data might lead to stalking and harassment.”
Cybernews has reached out to the organization, but a response is yet to be received.
In 2021, Grief, a Russian-linked subsidiary of notorious Evil Corp, targeted the controversial lobby group National Rifle Association (NRA). The NRA didn’t acknowledge any breach at the time, claiming that it does not discuss electronic security.
Your email address will not be published. Required fields are markedmarked