Colorado secretary of state reveals voting equipment passwords were posted online for 4 months
Colorado Secretary of State Jena Griswold revealed voting equipment passwords were posted online for four months before being noticed and taken down in a concerning security breach ahead of the election.
Griswold, a Democrat, said the passwords were posted on June 21 and were taken down on Oct. 24.Â
A former staff member created a spreadsheet that contained the passwords in a hidden tab. The spreadsheet was then posted on the Colorado Department of State’s subpage for voting system equipment, Griswold’s office said.
Griswold’s office said the employee left “amicably” before the breach was made public. However, Griswold refused to share specific details about the employee’s departure.Â
COLORADO SECRETARY OF STATE SITE ‘IMPROPERLY’ DISPLAYED PARTIAL PASSWORDS FOR VOTING SYSTEMS
Griswold’s office determined that 34 of Colorado’s 64 counties were affected by the password breach.
While the breach was discovered on Oct. 24, it wasn’t made public until the Colorado Republican Party revealed it in an email five days later.
Griswold defended her office’s decision not to detail the breach to the public right away, claiming she didn’t know if the passwords were active. She said she wanted to understand the “size and scope of the disclosure” first.
ARIZONA COUNTY DEFENDS RESTORING 98,000 WITH UNCONFIRMED CITIZENSHIP TO VOTER ROLLS
The Colorado Libertarian Party is suing the state over the breach.
Griswold’s office said all affected active equipment had undergone password updates with support from the Governor’s Office of Information Technology, Colorado Bureau of Investigation and Colorado’s dedicated County Clerks.
‘CONTINUED HARASSMENT’: LAWSUIT TO BAN FEDS FROM POLLING SITES FILED BY MISSOURI REPUBLICANS
Griswold insisted Colorado’s elections are safe.
“Colorado’s elections are safe and Coloradans will have their voices heard on Election Day. Our elections have many layers of security. Ensuring that Colorado’s elections are secure and accessible has been and will always be our top priority, which is why the Department of State, along with County Clerks and election workers across the state, address any and every potential risk to our elections with the utmost seriousness. I am regretful for this error. I am dedicated to making sure we address this matter fully and that mistakes of this nature never happen again.” — Secretary of State Jena Griswold
The secretary’s office said it is working with a law firm on an outside investigation to determine how the breach happened, how it could be prevented and any recommendations for improvement.Â
It added it will also require additional cybersecurity training with all staff, including password management and security procedures.Â
Read the full article here