Cyberattack Compromises Unknown Number of Voter Records in Illinois

The Illinois State Board of Elections is recovering from and assessing the damage following a cybersecurity breach on July 12.

by / July 25, 2016
Government Technology
The Illinois State Board of Elections is recovering from and assessing the damage following a cybersecurity breach that compromised an unknown number of voter records on July 12.
 
Officials with the board said July 25 that the breach was first noticed in the main voter database system in the form of an SQL injection, a malicious code attack focused on accessing, modifying and/or deleting information housed in data-driven applications.
 
Deputy General Counsel Bernadette Harrington said the agency is not sure how many voter records were compromised or by whom, but said staff members are working to fill in the gaps.
 
"Right now we are still working through it, so we don’t really know the extent of what was obtained through the breach…," she said. "I can tell you that the method that was used was SQL injection, and they were able to inject SQL queries into our IVRS [Illinois Voter Registration System], which is our voter database, to access information. That was actually done through our POVA site, which is our paperless online voter application."
 
Harrington said operations on the voter database side of the house have returned to normal, but the registration website will remain offline for at least the next week. As for the information compromised in the breach, an unknown number of records were accessed.
 
"They were able to retrieve a number of voter records, which would include all of the information that is in the system, but as of right now we don’t know the exact number of voter records or the specific names of the individuals that were affected," Harrington said.
 
The Board of Elections said the stolen records include names, addresses, dates of birth, telephone numbers, driver's license numbers and the last four digits of Social Security numbers. According to figures provided by the board, there are roughly 7.8 million active voters, 696,600 inactive voters and 4.68 million cancelled voters in the IVRS.
 
Other information sought by the attackers was not accessed. According to Harrington, data thieves attempted to access image captures of voter signatures, but ultimately were not able to break into that system.
 
"We have no evidence that they added, changed or deleted any information," she said. "We also have in that system voter signature images, which are a capture of a voter signature, and they attempted to obtain that, but were unsuccessful."
Eyragon Eidam Web Editor

Eyragon Eidam is the Web editor for Government Technology magazine, after previously serving as  assistant news editor and covering such topics as legislation, social media and public safety. He can be reached at eeidam@erepublic.com.