WatchPoint Security Blog

Voter Databases Breached in Illinois and Arizona

Written by Jordan Kadlec | August 31, 2016

Ahead of the November 8th presidential election, the Federal Bureau of Investigation (FBI) is urging states to increase computer security. This comes as no surprise with the recent breach of election systems in Illinois and Arizona. The hacks, which occurred in late June, are currently being investigated by the FBI.

In Illinois, hackers accessed a database of the Illinois Board of Elections, which is comprised of up to 200,000 personal voter records. The database included personally identifiable information (PII) such as voters’ names, addresses, sex, birthdays, and some records even include the last four digits of a voter’s social security number.

As for Arizona, state officials took the statewide registration system offline after they were alerted by the FBI that there was a credible cybersecurity threat to the voter registration system. While there is no evidence that any data within the system was compromised, and no malware was detected, officials did discover that a county election official’s username and password had been publicly posted online. It is believed that a worker may have accidently downloaded a virus which led to the exposure. Fortunately, the obtained information would only give hackers access to a localized, county version of the voting registration system, and not the entire Arizona system.

Who’s to Blame?

One FBI official told NBC News that the attacks have been attributed to Russian intelligence agencies.

“This is the closest we’ve come to tying a recent hack to the Russian government,” the official said

The Russians were also the number one suspect behind the Democratic National Committee (DNC) hack which included documents outlining criticism and defense points on issues such as the U.S. military intervention in Libya, the 2012 Benghazi attack, and the Hillary Clinton email server controversy.

Bigger Threat?

David Kennedy, chief executive officer of information security consulting company TrustedSec, believes the attacks appear to be exploratory and could be a test run for a bigger threat.

“It could be a precursor to a larger attack,” Kennedy added.

Some sources, namely the Donald Trump campaign committee, are concerned about how these breaches could affect the outcome of the presidential election. However, voting machines and tabulating systems are generally not connected to the Internet, which would be the vulnerability hackers would use to compromise the electoral system.

The Department of Homeland Security (DHS) is currently more concerned about the PII that has been stolen in Illinois and Arizona as well as the potential for more breaches. While the DHS has offered to help states increase their cybersecurity, several states have rejected help as they believe their systems are secure. We have all heard that before, right?