Voting Blogs: Florida’s “hacktivism” controversy and its lessons for the election community | PEEA

Recently, the Miami Herald ran a story about the boasts of a hacker named Abhaxas that he had twice compromised Florida’s election systems by gaining access to servers with sensitive data. State and local election officials – and their vendors – vehemently denied the hacker’s claims and insisted that their systems (and the personally-identifiable voter data on them) remained insecure.

That didn’t stop what the Herald called “major geek news clearinghouses” like Gizmodo and Slashdot from publicizing news of the alleged hack, leading to lots of “here we go again” in the comments.

Even more importantly, the hacker appears to have taken the public denials of harm as a challenge – and has invited others to do the same. Last week, he tweeted the location of the vendor’s server, saying it had a “hack me” sign on it and noting “hack one, have access to all”.

Florida: Did hacker get ‘inside details’ of Florida voting systems? | MiamiHerald.com

Florida was the joke of tech websites this week after a hacker boasted he tapped the “inside details of Florida voting systems.” Twice in a week, the anonymous Twitter user @Abhaxas posted links to lists of voting-related files.

“Who still believes voting isn’t rigged?” he wrote above one list. “If the United States government can’t even keep their ballot systems secure, why trust them at all? FAIL!”

Except he didn’t breach any voting systems, the Florida Division of Elections says. And a major Web vendor to most of the state’s elections supervisors, VR Systems, doesn’t use the same kind of servers accessed by the hacker.

Florida: Abhaxas Hacks Florida’s Voting System Again | Zeropaid

In an apparent effort to show that election votes can be tampered with, Abhaxas previously dumped parts of the Florida voting database to PasteBin. Officials since then downplayed the hack, but suggested that the systems are more secure than ever before. Even though authorities, on top of this, were contacted, it seems that Abhaxas decided to hack the database again. Call it whatever you like, but it seems that Florida is in for a repeat of what happened last week.

Apparently, since the initial hack, Florida officials downplayed the incident saying that there is no reason to fear because of a paper trail and that only a select few are able to have access to the votes to begin with.

Florida: Florida Election Servers Hacked Again | InformationWeek

For the second time in a week, a hacker has broken into systems connected with voting in Florida, stolen data, and released it to the public. The most recent breach occurred after Florida election officials had touted the security of their systems. “Glad you cleaned things up, pretty secure now guys,” said the hacker responsible for the attack–who goes by the name “Abhaxas”–in a post to Pastebin uploaded on Thursday. That post also contained data obtained during the second hack.

We spoke with Chris Sather, Product Management for Network Defense at McAfee about McAfee’s next generation firewalls that analyze relationships and not protocols.

Via Twitter, Abhaxas said that hacking into the servers–using well-known and what would be easy-to-close holes–took him about 10 minutes. Furthermore, he said he had access to all 310 databases on the server, though only publicly released information from two of them.

Florida: Officials say hacker did not steal sensitive Florida voting database information | Bridget Carey/Miami Herald

Florida elections officials said no sensitive information was exposed following a Saturday morning Twitter post by a hacker who claimed to access a Florida voting database. The hacker, who writes under the Twitter name Abhaxas, posted lines of data and passwords said to be “inside details of Florida voting systems.”

The information was from a poll worker training program within a Liberty County elections website, according to Marcia Wood, supervisor of elections for Liberty County, which is based out of the Panhandle city of Bristol.

“It has nothing to do with vital information at all,” Wood said. “It’s not confidential information. As far as the actual passwords they claim to have gotten, it was for poll workers to be able to log on to view training videos.”