First, a little bit from this story and then some headlines about the problems mostly in Oregon:
From the Journal of Technology Science, September 5th, 2017:
Voter Identity Theft: Submitting Changes to Voter Registrations Online to Disrupt Elections
Abstract: Could an attacker impact U.S. elections by merely changing voter registrations online? This reportedly happened during the 2016 Republican primary election in Riverside County, California. What about elsewhere? We surveyed official voter record websites for the 50 states and the District of Columbia and assessed the means and costs for an attacker to change voter addresses. Relatedly, an attacker could also change party affiliations, delete voter registrations, or request absentee ballots online. A voter whose address was changed without her knowledge, for example, in most states would have a polling place different than expected. On Election Day, when she appeared at her presumed polling place, she would have been unable to cast a regular vote because her name was not on the precinct’s register. She may have been turned away or given a provisional ballot, and in many cases, a provisional ballot would not count. Perpetrated at scale, changing voter addresses, deleting voter registrations, or requesting absentee ballots could disenfranchise a significant percentage of voters, and if carefully distributed, such an attack might go unnoticed even if the impact was significant. So, how practical is it to submit false changes to voter registrations online?
Results summary: We found that in 2016, the District of Columbia and 35 of the 50 states had websites that allowed voters to submit registration changes. These websites determined whether a visitor was an actual voter by requesting commonly available personal information. Some websites gave multiple ways for a voter to self-identify. Of these, {name, date of birth, address} was required in 15, {name, date of birth, driver’s license number} was required in 27, and {name, date of birth, last 4 SSN} was required in 3. We found that an attacker could acquire the voter names, demographic information and government-issued numbers needed to impersonate voters on all 36 websites from government offices, data brokers, the deep web, or darknet markets.
More at the site - much of this information is already available online and it is a trivial task to modify a bot to cycle through a list and accessing the Secretary of State's voting portal.
And now, some headlines for your perusal:
-
- Some Oregon voters claim their party affiliation changed ahead of primary
- No, elections officials didn’t change Oregon voters’ party ID without permission, they say (officials didn't, partisan hackers did)
- Voters allege party affiliation fraudulently changed
- Twitter suspends account of Oregon group that claims voters’ party affiliations were changed without consent
- Elections officials dispute claims that voters' registrations were changed
- Were Oregon voters mailed the ‘wrong’ ballots for the primary election?
- Some voters upset they couldn't vote in primary contests
- Oregon election system falsely accused
- Secretary of State says changes in voter affiliation aren’t ‘widespread DMV glitch’
- Fact check: Are California Republicans having voter registration changed without consent?
Broward, Palm Beach, and Dade counties in Florida are also reporting similar problems. This is very widespread. I would remind you of this post from yesterday:
New Judicial Watch Study Finds 353 U.S. Counties in 29 States with Voter Registration Rates Exceeding 100%
I hope that they are watching this very closely - they are but... I am feeling a bit scared for our nation.
Leave a comment