In a concerning development ahead of the upcoming election, Colorado Secretary of State Jena Griswold revealed a significant security breach involving voting equipment passwords. These passwords were publicly accessible for an alarming four months, raising serious questions about the integrity of the state’s electoral process.
The breach was discovered on October 24th, but the public was not informed until the Colorado Republican Party revealed it in an email five days later. Griswold, a Democrat, defended her office’s decision to withhold this information, stating that she wanted to assess the “size and scope of the disclosure” before making it public. However, this explanation has been met with criticism, with many questioning the delay in disclosing such a serious security vulnerability.
The passwords were posted on June 21st and were removed on October 24th. According to Griswold’s office, a former staff member, who left the department amicably, created a spreadsheet containing the passwords in a hidden tab. This spreadsheet was then inadvertently uploaded onto the Colorado Department of State’s subpage for voting system equipment.
The revelation of this breach has sparked outrage from both Republicans and Libertarians. The Colorado Republican Party has condemned the incident, calling it a “serious security lapse.” The Colorado Libertarian Party has even filed a lawsuit against the state, citing the breach as evidence of a lack of security measures surrounding Colorado’s elections.
Griswold has assured the public that Colorado’s elections are secure and that the affected equipment has undergone password updates. However, the incident has raised significant concerns about the state’s election security protocols. The Colorado Secretary of State’s office has launched an investigation, led by an external law firm, to determine how the breach occurred, how to prevent future occurrences, and to provide recommendations for improvement.
This incident highlights the importance of robust cybersecurity measures to protect the integrity of elections. It underscores the need for greater transparency and accountability when it comes to security breaches, especially those involving sensitive election-related information. While the passwords have been removed, the implications of this lapse in security remain a cause for concern.
