Hackers Stole Voter Registration Data in at Least Two States

The FBI sent a notice to election officials across the country.

Jaap Arriens/Zuma

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.


The FBI believes hackers tried to get data from the State Board of Elections in at least two states in July and August, according to a notice sent to elections officials around the country and published by Yahoo News Monday morning. It’s unclear what data the hackers were able to get, but the information suggests they scanned the state elections boards’ websites looking for vulnerabilities. They found several and attempted to enter the systems, and some “exfiltration”—which refers to theft of data—occurred.

On August 18, state elections officials received a “Flash,” a notice sent by the FBI to various relevant parties, titled “Targeting Activity Against State Board of Election Systems.” The FBI reported that it had received reports of an additional IP address—a unique series of numbers that identifies every device that connects to the internet—within the logs of one state’s board of election’s system in July, and then another attempt at breaking into a separate state’s system in August. The IP address numbers can be easily masked to hide an attacker’s true origin, but the flash included detailed information about the methods used by the hackers. The FBI asked state election officials to scan their own network logs for similar activities.

The FBI didn’t identify the states involved, but Yahoo News, citing “sources familiar with” the FBI flash, reports that the attacks likely targeted voter registration databases in Arizona and Illinois. In Illinois, state election officials shut down the state’s voter registration system for 10 days in late July, Yahoo News reports, while the attack in Arizona was more limited.

The FBI flash does not attribute the attacks to anyone specifically, but the revelation comes following recent hacks of the Democratic National Committee and other major Democratic Party organizations and officials that, the US government says, implicated hackers working with or on behalf of Russia. The hacker who has claimed responsibility for the DNC hacks, Guccifer 2.0, has told Mother Jones and others that he was born in Eastern Europe and is not at all connected to Russia, a claim doubted by outside security officials. Russian officials have repeatedly denied that the Russian government had anything to do with the hacks.

The IP addresses provided by the FBI in the flash point to computer systems in the Netherlands and Delaware, according to online IP tracking tools, but Wired says further analysis shows at least one of the IP addresses appears to be linked to a website linked with the Turkish AKP political party. The Yahoo News report cites a cybersecurity expert saying one of the IP addresses has “surfaced before in Russian criminal underground hacker forums,” and the attack methods resemble a hack of the World Anti-Doping Agency earlier this month. Others have blamed that hack on Russia as well. But the types of attacks, methods, and tools detailed by the FBI flash are quite common in the hacking world. That means blaming Russia or anybody else at this point is only speculative.

The hack, combined with other vulnerabilities in the American election infrastructure, including voting machines that produce no verifiable paper audit trail, reinforces the notion that the US election system is vulnerable to disruption.

“This is a big deal,” Rich Barger, the head of cybersecurity firm ThreatConnect, told Yahoo News. “Two state election boards have been popped and data has been taken. This certainly should be concerning to the common American voter.”

AN IMPORTANT UPDATE

We’re falling behind our online fundraising goals and we can’t sustain coming up short on donations month after month. Perhaps you’ve heard? It is impossibly hard in the news business right now, with layoffs intensifying and fancy new startups and funding going kaput.

The crisis facing journalism and democracy isn’t going away anytime soon. And neither is Mother Jones, our readers, or our unique way of doing in-depth reporting that exists to bring about change.

Which is exactly why, despite the challenges we face, we just took a big gulp and joined forces with the Center for Investigative Reporting, a team of ace journalists who create the amazing podcast and public radio show Reveal.

If you can part with even just a few bucks, please help us pick up the pace of donations. We simply can’t afford to keep falling behind on our fundraising targets month after month.

Editor-in-Chief Clara Jeffery said it well to our team recently, and that team 100 percent includes readers like you who make it all possible: “This is a year to prove that we can pull off this merger, grow our audiences and impact, attract more funding and keep growing. More broadly, it’s a year when the very future of both journalism and democracy is on the line. We have to go for every important story, every reader/listener/viewer, and leave it all on the field. I’m very proud of all the hard work that’s gotten us to this moment, and confident that we can meet it.”

Let’s do this. If you can right now, please support Mother Jones and investigative journalism with an urgently needed donation today.

payment methods

AN IMPORTANT UPDATE

We’re falling behind our online fundraising goals and we can’t sustain coming up short on donations month after month. Perhaps you’ve heard? It is impossibly hard in the news business right now, with layoffs intensifying and fancy new startups and funding going kaput.

The crisis facing journalism and democracy isn’t going away anytime soon. And neither is Mother Jones, our readers, or our unique way of doing in-depth reporting that exists to bring about change.

Which is exactly why, despite the challenges we face, we just took a big gulp and joined forces with the Center for Investigative Reporting, a team of ace journalists who create the amazing podcast and public radio show Reveal.

If you can part with even just a few bucks, please help us pick up the pace of donations. We simply can’t afford to keep falling behind on our fundraising targets month after month.

Editor-in-Chief Clara Jeffery said it well to our team recently, and that team 100 percent includes readers like you who make it all possible: “This is a year to prove that we can pull off this merger, grow our audiences and impact, attract more funding and keep growing. More broadly, it’s a year when the very future of both journalism and democracy is on the line. We have to go for every important story, every reader/listener/viewer, and leave it all on the field. I’m very proud of all the hard work that’s gotten us to this moment, and confident that we can meet it.”

Let’s do this. If you can right now, please support Mother Jones and investigative journalism with an urgently needed donation today.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate