The FBI has started issuing security warnings to system admins of state electoral board systems around the U.S. This is due to the security breach of the Illinois Board of Elections in June and the attempted attack against Arizona in August.
The June attack that targeted the Illinois Board reportedly stole the personal data of 200,000 voters by using an SQL injection on the board's website and database. Fortunately, the other attempted SQL attack against Arizona was less successful but it was not disclosed if data was stolen.
The FBI alert states that the attacks were traced to IP addresses belonging to virtual servers situated in Bulgaria, the Netherlands and Russia. The hacking tools of these attackers include Acunetix, SQLMap, and DirBuster, common resources used for website vulnerability scanning and SQL injection attacks against database servers.
The authorities suspect that these attacks from "foreign hackers" may have possible links with the breach of the Democratic National Committee servers last month. This attack against the DNC is suspected to have been launched by Russian groups.
The Illinois and Arizona attacks look to be nothing more than attempts to steal personal information rather than having real political intentions. Personally, identifiable data, like names, phone numbers, addresses, and email addresses are valuable for cybercriminals since this information can be sold on the Dark Web and used for activities like phishing scams.