Just as Georgia prepared for a high-profile congressional run-off vote, it transpired that nearly 7m of its voter records have been exposed on the internet and freely available to hackers. Logan Lamb, an Atlanta-based private security researcher, stumbled upon a gaping security hole in the form of a misconfigured server at the organisation that manages Georgia’s election technology, giving malicious agents the opportunity to plant malware, rig votes or disrupt voter rolls during elections.
Georgia’s voting system relies on rather archaic touchscreens which do not produce any hardcopy backup, leaving it particularly vulnerable to undetected interference. Lamb first alerted the Center for Election Systems ahead of the national election in November 2016, at a time when concern over US election security was a hot topic. The director of the centre assured him the glitch would be fixed and asked him to keep it under his hat. However, when a colleague of Lamb’s found that the fix was incomplete, the two researchers indirectly alerted the FBI. Georgia’s election outcome could be important as public opinion indicator on the Trump administration.
It’s not the first time, and it’s unlikely to be the last, that voters’ data has been exposed.