Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management

Data Exfiltrated From Alaskan Voter Registration Servers

Officials Believe Stolen Data Used for Voter Intimidation, Propaganda
Data Exfiltrated From Alaskan Voter Registration Servers

Hackers exfiltrated voters’ personally identifiable information from online voter registration servers in Alaska in September, and the information likely was used for voter intimidation and propaganda purposes, state officials say.

See Also: Top 50 Security Threats

Registered voters’ names, dates of birth, driver’s licenses or state identification numbers, last four digits of their Social Security numbers, mailing addresses and party affiliation were compromised, according to officials at the Alaska Division of Elections.

Election officials told the Juneau Empire newspaper that 113,000 voter records were potentially exposed.

"The flaw they [hackers] exploited did not allow them to manipulate the data in the system,” state election officials said in a statement. “The evidence thus far indicates the actors used the information for voter intimidation and propaganda, which was likely their primary goal."

The hackers gained access to the data between Sept. 19 and Oct. 17, but the breach wasn’t discovered until Oct. 26, officials said. Although certain data was copied and removed, officials say there’s no evidence any data residing on the servers was altered or deleted.

"I have full confidence in the voting process and in the final 2020 election results," says Lieutenant Governor Kevin Meyer. "Our voting procedures, ballot tabulation systems and election review processes are not linked to the voter registration system that was compromised, and we have other safeguards that ensure every voter’s registration can be verified."

Data Extracted

"The state’s preliminary investigation confirmed the initial findings – that Alaskan voter records were extracted from a publicly exposed web page by an unauthorized party using publicly available tools, but no data was altered," state officials said in the statement.

"An extensive investigation was also performed on the impacted servers, including a review of event logs and an audit of system memory, for indicators that data had been altered or deleted. There were no signs of this, either.”

The hackers attempted to gain access using several other methods but were rebuffed by the system’s cybersecurity defenses, officials said.

The Alaska Division of Elections did not immediately respond to Information Security Media Group’s request for comment.

Election Warnings

Federal officials released a flurry of warnings in the weeks leading up to the 2020 presidential election regarding disinformation campaigns.

Ironically, the U.S. Cybersecurity and Infrastructure Security Agency in September said claims made by foreign actors that they hacked voter data bases were inaccurate (see: FBI, CISA Again Warn of Election Disinformation Campaigns).


About the Author

Doug Olenick

Doug Olenick

News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to joining ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to Forbes.com, TheStreet and Mainstreet.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.