Arizona Secretary of State Michele Reagan was in the backyard of her home last June when she got a call from her chief of staff. “The first words out of his mouth were, ‘Can you sit down?'” Reagan told Mother Jones. He then said that her office had been “contacted by the FBI, and it looks like there’s a computer password and username that belongs to our database for sale on the dark web.” Reagan is the chief elections officer for the state of Arizona, and the credential that was for sale on the “dark web”—a collection of websites that hide their IP addresses to obscure where they’re hosted and who runs them—would potentially give the buyer access to a database containing personal information for nearly 4 million voters. With help from the FBI, the Arizona Department of Homeland Security, and the Arizona Department of Administration, Reagan and her staff determined that an employee in Gila County, Arizona, had opened a Microsoft Word document attached to an email. That document likely contained software that may have tracked the employee’s key strokes, which eventually led to the attacker getting a username and password to one of the state’s election-related databases.
Arizona and Illinois have both seen their election databases probed by hackers during a summer dominated by headlines of Russian hackers attacking the Democratic National Committee and other Democratic Party institutions, and releasing thousands of pages of emails, memos, and donor information related to the Clinton campaign. In addition, at least 23 states’ systems have reportedly been scanned for vulnerabilities, according to Politico, and 33 have asked the Department of Homeland Security for help securing their systems.
Last Friday, the US government officially accused “senior-most officials” in Russia of being behind the DNC hacks, but it has stopped short of blaming Russia for the repeated scans of state election databases. That hasn’t stopped the two issues from becoming conflated, with many in the political community arguing that the election database episodes are connected to the DNC hacks. “Russians Hacked Two U.S. Voter Databases, Officials Say,” NBC News reported on August 30. “‘No doubt’ Russia behind hacks on U.S. election system: senior Democrat,” Reuters reported October 2, citing Rep. Adam Schiff (D-Calif.). Democrats have long urged the White House to publicly blame Russia for all the hacks, and they repeatedly suggest that Russia is trying to help Donald Trump become president.
But security researchers have poured cold water on the connection between Russia and election databases. “There’s not a shred of evidence that [the] Russian government was behind the stealing of one password and one username of an election official in Gila county, Arizona,” wrote Jeffrey Carr, a cybersecurity consultant and author of Inside Cyber Warfare: Mapping the Cyber Underworld.