By Terri Jo Neff
Articles published by some media outlets this week that top Arizona officials knew of a cyberattack of Maricopa County’s voter registration files last fall but have kept it hidden are incorrect, as shown by the level of news coverage the hack received in December and January.
Part of the problem, however, is Maricopa County officials did not respond to the cyberattack in a proactive manner when it was discovered during the 2020 General Election. There was no press conference nor even a press release advising the community that voter registration data had been hacked.
The dearth of updates has not helped instill voter confidence in the months since then if social media comments are representative of community mood. And a letter Maricopa County Recorder Stephen Richer has sent to some voters is not helping, as it contains an inaccurate claim about how county officials responded to the cyberattack.
News of the cyberattack was first announced in early December in a Forbes article which revealed FBI agents armed with a federal search warrant raided a Fountain Hills condominium on Nov. 5, 2020, two days after the General Election. The agents went to the residence of Ellen and Elliot Kerwin looking for evidence of the cyberattack, according to court records.
The search resulted in the seizure of several computers from the Kerwin home, along with eight hard drives, and a bunch of electronic accessories.
Megan Gilbertson, a Maricopa County spokeswoman, confirmed the cyberattack to Forbes for its Dec. 4 article and she has insisted that the only voter data the hacker or hackers accessed from Oct. 21 to Nov. 4 was information about voters which is already public by law.
“Analysis by the Maricopa County Recorder’s Office IT Security indicates an unauthorized individual gathered publicly accessible voter information from our website,” Gilbertson said. “Additional security controls were put in place to mitigate against this activity occurring in the future.”
But what Gilbertson failed to say is how someone was able to access the county’s voter registration files and whether the hacker tried to get into other county databases. Other Maricopa County officials have appeared to try to divert attention away from the cyber incursion or to minimize the impact, often stating there were “no problems” with the election.
Steve Chucri of the Maricopa County Board of Supervisors announced just hours before the Forbes article was published that he was considering asking for a third-party audit of the county’s Dominion Voting System machines, even as the canvas was still pending in the nation’s fourth populous county.
Then after Stephen Richer was sworn in as the county’s new recorder in January he sent a notice to some voters addressing the hack. The notice tells “Dear Voter” that the county’s IT Security Department “immediately identified the attack and successfully took steps to stop the activity.”
However, it is apparent from FBI documents that the IT department did not “immediately” stop the breach, as the attack occurred over 15 days.
A spokeswoman for the U.S. Department of Justice told AZ Free News in May the agency cannot comment about the cyberattack as it is part of an ongoing investigation. But voters seem to be growing impatient with the lack of accurate and timely information more than eight months after the hack.
Among the questions left unanswered is whether the cyberattack was undertaken simply to see if it could be done, or was it intended to cast doubt about the election? Also, was the hack possible due to lax county protocols or possibly even by the unintentional actions of a county employee?
More importantly, is Maricopa County’s reticence connected in any way to the board of supervisors’ refusal to comply with a Senate subpoena for access to the election department’s internet routers?
The most critical question, however, is when will county officials come clean with a complete explanation of how someone hacked the voter records of a major government body.