Alaska: Elections data exposure affected 113,000 Alaskans but had no impact on November results, state officials say | Aubrey Wieber/Anchorage Daily News

A data exposure caught by elections officials in October compromised the personal information of 113,000 Alaskans but had no impact on the actual election results, Lt. Gov. Kevin Meyer said Thursday. The exposure involved the online voter registration database, which is separate from the voter tabulation system. “The results of the election are accurate, and we have been doing hand counts to verify that,” Meyer told reporters Thursday. State officials said “outside actors” accessed the data through a flaw in the online voter registration system, which has since been patched. They were able to pull registered voters’ names, dates of birth, state identification numbers, last four digits of Social Security numbers, addresses and party affiliations. (Party affiliations, names and addresses are already publicly available through the state’s voter information database.) The online voter registration system, which is only 5 years old, is separate from the overall registered voter database. It only includes people who have updated their voter information in the past five years.

Full Article: Elections data exposure affected 113,000 Alaskans but had no impact on November results, state officials say – Anchorage Daily News

National: Cybersecurity company finds hacker selling info on 186 million U.S. voters | Ken Dilanian/NBC

A cybersecurity company says it has found a hacker selling personally identifying information of more than 200 million Americans, including the voter registration data of 186 million. The revelation underscored how vulnerable Americans are to email targeting by criminals and foreign adversaries, even as U.S. officials announced that Iran and Russia had obtained voter registration data and email addresses with an eye toward interfering in the 2020 election. Much of the data identified by Trustwave, a global cybersecurity company, is publicly available, and almost all of it is the kind that is regularly bought and sold by legitimate businesses. But the fact that so many names, email addresses, phone numbers and voter registration records were found for sale in bulk on the so-called dark web underscores how easily criminals and foreign adversaries can deploy it as the FBI said Iran has done recently, by sending emails designed to intimidate voters.

National: States Have Improved Election Cybersecurity, but Still Can Do More | Phil Goldstein/StateTech Magazine

After more than a year of preparations and security enhancements, state and local governments are entering the final weeks of the 2020 election season. With millions of votes already cast, two things are clear: Government agencies have markedly improved their cybersecurity controls in the wake of the 2016 election, and yet they could still be doing more and cannot let their guards down. Outside experts say that state governments, especially those in battleground states, have improved their cybersecurity protections for election infrastructure and voter data. However, there are still cybersecurity measures they should be taking ahead of Election Day on Nov. 3. Meanwhile, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency is continuing to coordinate with state and local agencies on election security threats, especially from nation-state actors and cybercriminals. CISA is confident in election security protections that have been put in place but remains on high alert.

Maryland: Election security in doubt after hearing | Capital News Service

Maryland legislators learned last week the state’s electronic balloting system may need better security measures to protect voters’ information and that the lawmakers must be the ones to add those protections. The state’s electoral board told lawmakers Sept. 6 that they are powerless to make those changes, and that any security changes must come directly from the legislative body. Last year, the state’s Board of Elections voted 4-1 to certify a new system for online ballots, even though experts in cybersecurity and computer science publicly objected. While nearly all states have a system in place for signature verification, the General Assembly did not vote last year on the topic so there was no verification system in place, leaving Maryland as the only state in the nation without one, according to a report last year by Capital News Service.

National: Lawmakers blast Trump’s plan to work with Russia on cybersecurity | The Washington Post

On Sunday morning, President Trump spoke of his new alliance with Russian President Vladimir Putin to erect an “impenetrable Cyber Security unit so that election hacking, & many other negative things, will be guarded.” This, the president tweeted at 7:31 a.m., came after Putin “vehemently denied” interfering with the 2016 U.S. election. The tweet’s timing could not have been more perfect — for congressional critics of Trump’s new plan. It gave them just enough of a head start to workshop one-liners and practice their comedic timing before the Sunday morning political talk shows. Sen. Lindsey O. Graham (R-S.C.) quipped on NBC’s “Meet the Press” that Trump’s plan was “not the dumbest idea I’ve ever heard, but it’s pretty close.” Graham called Trump “literally the only person I know of who doesn’t believe Russia attacked our election in 2016″ and said he was “dumbfounded.” Graham said Trump is “hurting his presidency by not embracing the fact that Putin is the bad guy.”

National: Congress hears sinister tale of Russia meddling in US election | Associated Press

A sinister portrait of Russia’s cyberattacks on the U.S. emerged Wednesday as current and former U.S. officials told Congress Moscow stockpiled stolen information and selectively disseminated it during the 2016 presidential campaign to undermine the American political process. The Russians ‘‘used fake news and propaganda and they also used online amplifiers to spread the information to as many people as possible,’’ Bill Priestap, the FBI’s top counterintelligence official, told the Senate Intelligence committee.

National: UK was given details of alleged contacts between Trump campaign and Moscow | The Guardian

The UK government was given details last December of allegedly extensive contacts between the Trump campaign and Moscow, according to court papers. Reports by Christopher Steele, a former MI6 officer, on possible collusion between the the Trump camp and the Kremlin are at the centre of a political storm in the US over Moscow’s role in getting Donald Trump elected. It was not previously known that the UK intelligence services had also received the dossier but Steele confirmed in a court filing earlier this month that he handed a memorandum compiled in December to a “senior UK government national security official acting in his official capacity, on a confidential basis in hard copy form”.