Some personal voter information could have been gleaned from Washington’s online search tool for several months because of a problem with an update of the system, state elections officials said Friday. That problem was fixed shortly after it was pointed out in a complaint to the state Office of Cyber Security by Tina Podlodowski, the Democratic candidate for secretary of state. Podlodowski, who has criticized incumbent Republican Secretary of State Kim Wyman over voter data security, said Friday the problem was brought to her attention by “a couple of concerned citizens” and she confirmed it by checking her own registration information online.Full Article: Update to Washington's Online Search Tool Exposed Voter Info.
A design flaw in Washington’s online voting tool, MyVote, exposed some voter information that should not have accessible. The secretary of state’s office says the glitch has since been fixed. But, in an election year twist, the Democratic candidate for secretary of state, Tina Podlodowski, alerted the state’s cyber security office to the problem. Podlodowski is challenging incumbent Secretary of State Kim Wyman, a Republican. Podlodowski says a concerned citizen brought the glitch to her attention, prompting her to send an email to Washington’s Chief Information Security Officer. According to the secretary of state’s office, the software issue allowed access to personal information including email address, and phone number, as well as some contact information for military voters. The information was not visible on screen, but could be read through computer coding.Full Article: Secretary of state learns of online data issue from opponent | KING5.com.
Elections authorities and cyber security experts say a concerted effort to alter the outcome of November’s elections through a cyber attack is nearly impossible, even after hackers gained access to voter registration databases in at least two states. But some of those same experts say hackers with ties to Russia aren’t aiming to change election results; instead, their goal is to create a perception that the results are in question, and to undermine confidence in American democracy. “Russian tampering with elections is not new. It’s only new to the U.S.,” said Chris Porter, who runs strategic intelligence for the cybersecurity firm FireEye Horizons. He pointed to Ukraine, Bulgaria, Romania and the Philippines, where Russian-backed hackers have gained access to electoral systems in recent years. “It’s just enough create scandal,” Porter said. “That’s sufficient for Russian aims.” Last month, officials in Arizona and Illinois discovered their voter registration systems had been hacked, a leak that put thousands of voter registration records up for sale on the black market. In January, more than 17 million voter registration records from Washington, Delaware, Rhode Island and Ohio were stolen.Full Article: Hacking the election is nearly impossible. But that's not Russia's goal. | TheHill.
Washington: Challenger Podlodowski discovers open door into state’s voter database | Seattle Post Intelligencer
A yawning back-end pathway into the state’s voter registration database, through which private information could have been accessed, has been closed, thanks to the candidate challenging Secretary of State Kim Wyman. “Anyone with basic programming skills and knowledge about these weaknesses could conceivably (access) this data, look up and harvest private data from millions of Washingtonians,” Tina Podlodowski wrote Wednesday to the state’s chief information security officer (CISO). The information accessible via the back-end pathway included voters’ personal cell phone numbers, personal email addresses, ballot delivery types, and the coding used to message military and overseas voters. Wyman’s office, without mentioning Podlodowski, put out a release Friday, saying: “The situation has been quickly rectified.” David Ammons, chief communications office for the secretary of state, later confirmed that the problem was first identified in a letter from Podlodowski.Full Article: Challenger Podlodowski discovers open door into state's voter database - seattlepi.com.
An attorney hired by the state Democratic Party told Secretary of State Mark Martin’s office that the latter’s explanations for withholding records about the statewide voter database were “farcical,” “disingenuous” and ultimately “unlawful” in a letter delivered Friday. The letter was written by David Mitchell of the Rose Law Firm. He was hired by the party to represent Chris Burks, general counsel for the party, who had submitted a Freedom of Information Act request to the secretary of state’s office on Aug. 3. Although Martin’s office responded with some documents, Burks said Friday’s letter was intended to point out there were still matters outstanding in the original Freedom of Information Act request. The Democrats sought information about flawed data that Martin’s office had entered into the statewide voter database used by county clerks. County clerks use the data to determine which voters are felons whose names should be struck from voter rolls, but the data included felons who had regained the right to vote and others who had never been convicted of a felony.Full Article: Lawyer blasts voter-roll response.
As Cambodian officials rolled out a new voter registration system on Thursday, questions were raised about the nation’s ability to conduct free and fair elections. While Cambodian authorities announced a three-month registration process that will run from Sept. 1 to Nov. 29, the U.N. ambassador to Cambodia expressed concern that the country’s current political situation could poison the process. “The European Union has expressed concerns over certain actions of the authorities in implementing legal procedures against the opposition party’s officials, civil society’s representatives, and the National Election Commission (NEC) deputy general secretary,” said Ambassador George Edgar. “Cambodia’s authorities must ensure an atmosphere that all political parties and nongovernmental agencies are able to do their jobs without obstacles,” he added during a ceremony announcing the launch of the registration system.Full Article: Cambodia Cranks Up Election Process Raising Fraud Concerns.
Cambodia’s new voter registration system will use a computer program to register eligible citizens who have a national identity card and are over the age of 18 before election day, according to a National Election Committee (NEC) technical officer at a media training event on Friday. Tob Rethy, head of the department of voter database management and NEC voter lists, explained the registration process and addressed reporters’ security concerns. “The names of villages, communes, districts, provinces, capitals and other important details are already included in the program, meaning program users are not allowed to write or add more villages or communes,” he said. “We will use a 3G service to send the data to the server at the NEC head office in Phnom Penh. In case data cannot be sent through the Internet, the user can store it on a flash card or SD card, then send the data file to the NEC commune office for forwarding to the capital,” he said.Full Article: Computer System to Register Voters | Khmer Times | News Portal Cambodia |.
Flawed data flagged 7,730 people in Arkansas to be removed from voter rolls, a spokesman for the secretary of state said Friday. That data have caused headaches for county clerks, who have been left to work out what’s accurate. Some on the list are felons who have not yet taken the steps to regain their right to vote and must be kept off voter rolls, but others on the list have not committed a felony or have already had their rights restored. Interviews with a handful of county clerks show that they are removing only a fraction of those people. In Pulaski County — where nearly 2,000 of those named on the state’s list reside — about 20 percent will be removed after staff members investigated each person, said Jason Kennedy, assistant chief deputy of the clerk’s office.Full Article: Before flaws noted, Arkansas flagged 7,730 on voter list.
An error sent out to county clerks across Arkansas could keep some who are eligible to vote from casting a ballot this November because they’re believed to be felons. The Secretary of State’s office got a list of felons from the Arkansas Crime Information Center. In the past, the office has received that information from the Department of Corrections, but according to law, the SOS must go through ACIC. That’s what happened this year, but on this first go-around, there’s a major issue. Larry Crane, the Pulaski County Clerk, says with months to go before the general election it’s busy. “My office and all of the clerks are going to work our way through this the best we can,” said Crane.Full Article: Old Felon Data Could Keep Voters From Casting Ballots - Story.
In recent times, all data breaches that are taking place are finding its way to the principal black market known as ‘Dark Web’. One can easily find any kind of data that they are looking for here. It is now learnt that a hacker is trying to sell a database that supposedly contains registration records for voters in all 50 US states, Tech Insider reported. A seller using the pseudonym of ‘DataDirect’ is offering US voters’ registration records on the dark net marketplace “The Real Deal.” The Real Deal, a popular site many cyber criminals use for buying and selling everything from illegal drugs to zero-day software exploits. The seller is offering US voters’ records for each state at 0.5 BTC (around USD 340). The seller is also ready to offer the records at a “bulk rate” of 12 Bitcoin, or about $7,800. “US voter registration records. Selling the DB on a State-by-State basis. 0.5 BTC per state (you must tell me which State you want. Some people think it’s unfair to make each State cost the same amount because some States are much bigger than others. I think it’s just easier this way.” states the item description.Full Article: Database Of All US Voters Available For Sale At $7,800 On The Dark Web » TechWorm.
Arkansas: Error flags voters on registration list; thousands in jeopardy of having their registration canceled | Arkansas Online
Flawed data sent out by the Arkansas secretary of state’s office in conjunction with the Arkansas Crime Information Center incorrectly flagged thousands of people to be removed from voter registration lists, meaning several Arkansas voters will have to prove their status before this year’s presidential election if the issue isn’t fixed. In many cases, that will result in undue burden to voters, some county clerks have said, even hinting at possible future lawsuits over the mess-up. The problem arose when the secretary of state’s elections division sought to update voter lists with new felon data to ensure that felons still in prison or on parole or probation aren’t allowed to vote, per state law. In the process of getting the data from the Arkansas Crime Information Center, known as ACIC, about 4,000 people who have never been convicted of a felony were included on the list and flagged by error. Some of them may have been notified by their county clerks’ offices that their voter registration has been canceled, even though it shouldn’t have been.Full Article: Error flags voters on Arkansas list; thousands in jeopardy of having their registration canceled.
The Illinois State Board of Elections’ online voter registration system remained down Thursday afternoon in the wake of a cyberattack last week. The attack on the statewide Illinois Voter Registration System occurred July 12, and the system was shut off July 13 as a precaution once the board realized the severity of the attack, according to a message sent to local election authorities. Hackers exploited “a chink in the armor in one small data field in the online registration system,” said Ken Menzel, the board’s general counsel.Full Article: Hackers penetrate Illinois voter registration database | State/Region | thesouthern.com.
Arizona voters deserve to know if their personal information on file with the state of Arizona remains safe from identify thieves. If there is any threat to the security of the voter registration database, it deserves not only an investigation but full disclosure of the outcome. Right now, every voter in the state has legitimate reason to at least wonder if their personal information has been compromised. A couple of weeks ago, the FBI investigated a hacking threat against the state’s voter registration database and deemed the threat credible, labeling it an “8 out of 10” on the severity scale. The database contains not only names and addresses but also driver license numbers, partial Social Security numbers and other personal information that identity thieves can match with other partial personal information and commit fraud. As the investigation progressed, the state shut down its voter registration website.Full Article: Our View: Potential voter data hack gets whimper of an explanation | Opinion | havasunews.com.
After more than a week of forensic analysis, cybersecurity investigators found no signs of hacker infiltration into the state’s voter registration database and have brought the system back online, the Arizona Secretary of State’s Office announced. The system was taken offline for nine days after the FBI found a “credible and serious” threat to the database, which contains personal information about the more than 3 million registered voters in the state. The system was restored Thursday. “We have not found any evidence of malware or command and control software in the voter registration system and have restored its use,” Secretary of State Michele Reagan said in a statement.Full Article: Investigators find no evidence of voter database hack; system ba - azfamily.com 3TV | Phoenix Breaking News, Weather, Sport.
A single, instantly updated list of registered voters in California became reality on Monday, as two final counties plugged in to an electronic database mandated by a federal law enacted in the wake of the contentious 2000 presidential campaign. In other words, a database that was long overdue. “It’s been more than a decade in coming,” Secretary of State Alex Padilla said. The $98-million project allows elections officials in each of California’s 58 counties to easily track voters who move from one place to another and to quickly update their records in the event of a death or a voter deemed ineligible after conviction of a felony.Full Article: All of California's voters are now in one online database - LA Times.
Facing likely defeat, a Republican senator tabled his own bill Tuesday to make most public information on Florida voters secret. It was the second time that Sen. Thad Altman’s bill was pulled from consideration before a vote in the Senate Ethics & Elections Committee. Altman’s bill (SB 702), a priority of county election supervisors, would make all 12 million Florida voters’ home addresses, dates of birth, phone numbers and email addresses secret. The information has been public for decades, but supervisors say that because of the Internet, voters are shocked to find that the data is all over the web, making them potential targets of identity theft. The voter data is also used by Tom Alciere, a former New Hampshire legislator, who has for-profit websites that display states’ voter databases.Full Article: Secret-voter data bill, on shaky ground, is tabled a second time | Tampa Bay Times.
Alleged voting records of millions of American citizens have been uploaded to the dark web on a site affiliated with a well-known cybercrime forum. Although the information is not particularly sensitive in its own right, its presence on the site shows that even easily obtainable personal data can be of interest to hackers. The datasets appear to include voters’ full names, dates of birth, the date they registered to vote, addresses, local school districts, and several other pieces of information. The dumps also include voting records from previous elections and political affiliations. The two largest files are 1.2 GB and 1 GB, respectively, and each contain at least a million entries. The folder containing the files is called “US_Voter_DB,” though Motherboard could not independently verify the contents’ legitimacy. It’s not entirely clear where the data was sourced from. On December 28 last year, news site CSO Online reported that a database configuration issue had left 191 million voter records exposed to the open internet. That data was discovered by security researcher Christopher Vickery, who found his own personal information within the dump.Full Article: Hackers Are Sharing Reams of US Voter Data on the Dark Web | Motherboard.
Niger has completed changes to its electoral register recommended by the International Organization of the Francophonie (OIF), the body said on Thursday, removing a major source of tension ahead of elections next month. President Mahamadou Issoufou is seeking another mandate as head of the historically turbulent, uranium-producing West African country on Feb. 21. He is the favorite to win but critics say he has become increasingly authoritarian and repressive ahead of the polls. The OIF, an organization representing French-speaking nations tasked with overseeing the voter list, had previously recommended the removal of around 300 ‘ghost’ polling stations and 25,000 voters counted twice.Full Article: Niger tidies electoral register ahead of February vote | Reuters.
Lawmakers and the administration have for years been seeking common ground on a federal data breach law to replace the patchwork of state and local rules. But even with such a law in place, Uncle Sam may still have been shut out of any role in policing the recent exposure of a database of 191 million voter records. The trove of personal information, complete with home addresses and telephone numbers, was briefly available on the public-facing web, due to a database configuration error. Privacy advocates and the media scrambled to investigate, but federal agencies were quiet. While voter registration information is public, it is rarely offered up for public consumption in bulk without some strings attached. Some states bar public-facing online voter record databases, while Florida and Ohio, for instance, both run public-facing voter record look-up sites. Ohio’s site returns addresses for name and county searches, while Florida’s requires birthdates and contains a notice that the site is intended for use only by voters attempting to verify their own registration status. Florida’s state government is considering legislation that would exempt voter information from public records rules because of the possible threat of identity theft.Full Article: Is there a federal factor in the voter records leak? -- FCW.
The Colorado Secretary of State’s Office says information on Colorado voters released on the Internet is public information and did not compromise any voter’s identity information after a database of 191 million U.S. voters was published on the Internet. The database included voter names, addresses, ages, party affiliation, phone numbers and voting history. A company that said it compiled the national database for campaigns said it was released inadvertently and was no longer available.Full Article: Colorado officials say voter database is public information.