Alaska’s Online Voter Registration System was hacked
Alaska’s online voter registration system was compromised a few weeks prior to the 2020 general election, as unknown “outside actors” released voters’ personal information in a purported attempt at voter intimidation. While the extent of the incident is still under investigation, released information includes names, addresses, birthdates and license numbers of roughly 113,000 voters. Alaska’s online voter registration system is not connected to its vote counting equipment and the Alaska Division of Elections determined that the results from the 2020 general election are secure and no other systems or data were impacted.
According to a fact sheet from the State of Alaska, the incident took place between September 19 and October 17, as an outside actor “exploited a flaw to access voter information.” The flaw is in the online voter registration system, which is part of the Division’s Voter Registration and Election Management System, or VREMS. The Division worked with an outside vendor to build VREMS, which was first used in 2015. According to a press release from Alaska Lieutenant Governor Kevin Meyer’s office, the flaw was remedied as soon as it was discovered. “At this time, the Online Voter Registration System website is secure, fully functional, and the flaw has been remedied,” reads the release.
According to the release, Meyer was first notified about the incident in late October. Meyer said that the State is still working to understand the situation and the extent of the exposure. Much remains unknown, including the identity of the interferers.
Yet the State is confident that the incident was not an attempt at voter fraud. According to the release, the motive for the breach of data was voter intimidation—to “spread propaganda and shake voter confidence”—rather than to tamper with the election results. “There is no evidence that the actors changed, deleted or added to the information in any way—indeed, the flaw they exploited did not allow them to manipulate the data in the system,” reads the State fact sheet. While interferers were able to access and copy the personal information of voters, they could not alter that information. Moreover, how individuals voted is not part of the database, because Alaska does not track that information.
Another reason for confidence in Alaska’s 2020 election results is because the division has several security measures in place. These include cross-checking the machine’s tallies with paper ballots and precinct sheets and conducting a hand-count audit of machine votes.
Alaskans whose information was exposed have been notified by mail, and those voters whose information may have been released will soon be notified as well.
Also in October, some Alaskans registered with the Democratic party received threatening emails. The emails, intended to intimidate voters, warned recipients to vote for thenpresident Donald Trump or else they would face consequences. The messages were sent to Democrats in multiple states, and United States officials later said that Iran was behind the emails. It is unclear if there is a connection between the two incidents.