Personal information of an estimated 113,000 Alaska voters was exposed in the run up to this year’s general election and may have been used to distribute propaganda aimed at undermining the election, state officials said today, but there’s no evidence hackers altered the outcome of the 2020 elections.
During a news conference with reporters, state officials said “outside actors” were able to take advantage of a security flaw in the state’s online voter registration system to see and copy voter registration information—including birth dates, driver’s license ID numbers, contact information and party affiliation—of voters who used the system since 2015.
They were not able to make changes to the voter registration system, the state said, and the election results were never accessible to the hackers.
The state became aware of the intrusion on Oct. 27 but waited to make it public while they investigated the scope of the problem. They say they’re currently in the process of notifying the affected voters and providing them with identity theft monitoring services. Assistant Attorney General Cori Mills said no economic data—such as credit card information or dividend information—is attached to the database and the state has seen no corresponding uptick in identity theft.
The state plans on sending mailers to affected voters but also set up a call-in number: 1-833-269-0003.
Much of the details beyond that—such as the possible identity of the “outside actors” or how they accessed the database—were limited as state officials cited the ongoing investigation.
Election officials were clear, though, that the database that was accessed is separate from anything used to conduct the election or tabulate its results and therefor nothing related to the election was altered.
“What I want to tell Alaskans is that the results of the election are accurate, and we have been doing hand counts to verify that,” said Lt. Gov. Kevin Meyer during today’s news conference. “The online voter registration system that had this flaw that has exposed Alaskans’ data has been fixed, has been repaired.”
Officials were asked if the information might have been used to send threatening emails to some voters in Alaskans under the guise of the right-wing Proud Boys group, which went out in the days after the state became aware of the hack.
Alaska Chief Information Security Officer Mark Breunig declined to confirm the link but said noted that they were likely used for intimidation and propaganda. He couldn’t provide evidence of why they drew that conclusion but pointed to an Oct. 22 alert from the U.S. Cybersecurity and Infrastructure Security Agency that warned outside actors had obtained voter-registration data with the intent to spread disinformation and sow discord in the elections.