“I found a collection of different documents, including voting records, ballot templates, and voter registrations, all from a single county in Illinois,” Fowler said in the report. “Further investigation revealed a total of 13 open databases and 15 others that exist but are not publicly accessible.”

The exposed 13 non-password-protected databases contained lists of active voters, absentee ballots, early mail-in voting records, and duplicate voters, along with highly sensitive personal information such as full names, addresses, dates of birth, Social Security numbers, and driver’s license numbers. Additionally, candidate documents with personal phone numbers, email addresses, and home addresses were also exposed.

“There were documents marked as ‘voter records’ that contained far more potentially sensitive personal information,” Fowler added. “This included historical voting records and copies of voter registration applications.”