How could this have happened?
The media has been reporting instances of Republican election judges receiving telephone calls misinforming them that their service was not needed on election day or that further training in remote far away places was required in order to participate as an election judge in Cook County Illinois.
The Chicago Cook County Board of Elections Has a Long History of Data Breach Events
Well, here are a few breaches previously reported that could have been the source for some or all of these phone calls.
- 2003 – A large breach of voter information including leaked social security numbers occurred when hundreds of disks were leaked. This resulted in litigation against the Chicago Board of Elections that was led at that time by Langdon Neal.
- 2006 October – Peter Zelchenko, who discussed being questioned about his actions by federal law enforcement, reported a breach of the chicagoelections.com website. Neubecker remembers talking to Zelchenko who expressed his interest was only to notify the public and not use the information in any way.
- 2012 November – Forensicon identified a breach of the ftp.chicagoelections.com website. (Neubecker notified law enforcement immediately and didn’t notify the public until the server had been secured)
Those breaches are notably missing from the Chicago Board of Elections’ news archives. http://www.chicagoelections.com/en/news.html
Anyone having the breached election judge information could have influenced the election
Not having election judges from opposing parties present in the polling locations creates the potential for tampering with the vote count, especially with the electronic machines used in Cook County.
Tampering indicators on security seals for electronic voting machines reported
On November 4th, 2014, Forensicon’s President Lee Neubecker, identified and reported tampering and audit control problems with the electronic voting machine he observed at his precinct in Suburban Cook County. On that General Election day, Neubecker noticed the seal on his voting machine had been tampered with (click photo at the left to view large version showing VOID VOID VOID on the top portion. The polling worker supervising the equipment explained that it was necessary to open the machine in order to replace the paper audit tape spindels. Neubecker called fraud hotlines for both Illinois Attorney General Lisa Madigan and Cook County State’s Attorney Anita Alvarez. Neubecker described the problem to the hotlines, including his observation that the labels protecting the electronic voting equipment from tampering had been previously removed (click picture on left to view large version of the tampered seal affixed to the electronic voting machine). A staff member answering one of the hotlines told Neubecker that it was necessary to break the seal in order to replace the paper inside and cited the election judge manual generally. Neubecker reviewed the election judge manual which specified that new seals should be replaced with the original broken seals documented by judges from both parties and placed in an envelope. Such process clearly wasn’t followed in this instance. Regardless, the concern remains that the paper trails could become lost, tampered with or swapped out in the precincts, especially if either party’s election judge isn’t present.
Printing a paper receipt and providing to the voter for them to sign with their right inked thumb print, and then having them drop the paper signed backup into a locked ballot box not accessible to the precinct poll workers would be a much more reliable system than that presently used.
Forensicon’s discovery of the November 2012 ftp.chicagoelections.com website databreach of voter and election judge information
Back in 2012, Forensicon’s President identified a security lapse of the chicagoelections.com website used by the Cook County Chicago Board of Elections. This was not the first time something like this occurred.
Forensicon’s President Lee Neubecker archived a complete copy of the non-password protected, public facing documents and files, then notified law enforcement and the election board. Once the Chicago Board of Elections had secured their webserver, Forensicon then notified the press of the breach, not wanting this to be stepped over and hidden from the public.
Following that, Neubecker met with the FBI and offered to hand off the hard drive containing all of the compromised information. After the FBI received the hard drive, Neubecker certified that none of the data copied by Forensicon was disseminated to any party and that all such copies of the information were destroyed from Forensicon’s realm of control.
Neubecker notified the FBI that there were still other copies of election judge worker’s personal information floating around the internet, even though Forensicon had no such copies in its custody. Even the popular website Google.com, contained cached copies of ftp.chicagoelections.com election judge application pdf documents. These applications, which included personal information such as name, address, telephone number, birth date and even drivers license numbers in some cases, were widely indexed by Google and other web crawlers. The FBI promptly reached out to Google.com following Forensicon’s notification of its discovery, resulting in Google no longer serving cached results for the compromised website. This information clearly could exist any number of places and could have been the source for the election judges telephone numbers used inappropriately to influence the Cook County 2014 General Election.
Forensicon certified that it had destroyed all the information collected and retained none of the exposed election judge applications, but did transfer all of this to the FBI. The PR staff with the Chicago Board of Elections were dismissive of the scope of the breach reported by Forensicon. Forensicon was advised not to further engage in media on these issues to avoid possible indictment by the U.S. Attorney who was investigating Forensicon’s actions at the request of the Chicago Board of Elections. Ultimately, neither Neubecker, nor Forensicon was charged with any crime for preserving the record of what information had been leaked.
Forensicon’s President Lee Neubecker still remembers seeing that the SQL database containing records of voter registrations (millions of records) that was left unprotected and exposed approximate to November 5th, 2012. This information in the wrong hands, could be used to identify duplicate voter registrations that remain active, despite the voter registering an a new location. Such voters records could be identified easily by someone having this information for the use of sending in imposters to cast votes in the previous residences of existing Cook County voters who relocated to a new residence.
Neubecker also remembers seeing more that a thousand election judge application pdf documents that contained personal information including emails and phone numbers, all of which were left unprotected on the ftp.chicagoelections.com website. Neubecker remember’s that these pdf applications had highly personal information, including that of CPS high school students, that had applied to serve as election judges on election day back in November of 2012. Most of the high school election judge applications lacked any signature in the parental signature area of the documents, yet included what appeared to be computer generated applications, rather than hand signed applications by the actual election judge applicants. The Chicago Board of Election’s November 28th, 2012 Facebook post about the breach can be found presently at: https://www.facebook.com/MobilePrecinctAssistant/posts/295244300586380
What should happen next:
- The FBI as well as Cook County authorities should look to see if the judges who received such calls, had their information publicly exposed as it existed on the copy of the leaked information approximate to November 6th, 2012 or the previous breaches.
- Such persons who received recent misinformation calls that previously served as election judges before the November 2012 data breach, should have been notified individually whether any of their personal information, including their phone number had been compromised. Forensicon passed off all of this information to the FBI on a hard drive that should be stored securely with the FBI.
- Each person who had their data breached should be afforded the opportunity to review the document containing their information that was leaked so that they are able to take appropriate actions to protect themselves.
- The media should interview judges who received such calls to identify the previous notification obligations were fulfilled as required by the Chicago Board of Elections.
- The Cook County Board of Commissioners should call for a public hearing on how the breaches of information continue to occur under the long tenure of Langdon D. Neal, Chairman of of the Chicago Board of Election Commissioners.
The integrity of our election system is at stake. While some improvements have been observed this election cycle, there still are major gaffes, such as that described in Lee Neubecker’s experience voting electronically yesterday. Read more about that here.
The public should demand more transparency and accountability for the recurring lapses.
Other interesting reading that suggests why there are so many problems with our election system in Cook County can be found at:
- Staff Recognized for Departing Employee Investigations - The first issue of Corporate Counsel Business Journal, CCBJ, includes an interview with our Director of Digital Forensics, Yaniv Schiff, and Solutions Architect, Curtis Collette, on the evolution of departing employee investigations. Departing Employee: When Do Investigations Become Necessary? appeared in the print publication, online edition, and on CCBJ’s In-House Tech website. For Increasing Numbers of Employers, Departing Employee Investigations[...Read More]
- Chicago Office Food Drive – The Results Are In - QDiscovery’s Chicago Office collected nearly 1,000 containers of food for the local food bank this Holiday Season! Our office competed with sister offices in Indiana and Connecticut. Alas, we came in third. Our sister offices each collected nearly 2,000 containers for their local food banks. Relatively new to the company-wide food drive, the Forensics Division[...Read More]
- QDiscovery QMobile App Wins Innovation Award - QDiscovery’s QMobile is winner of a 2017 Relativity Innovation Award. Presented at Relativity Fest, the Innovation Award celebrates organizations that create apps or integrations that extend the functionality of Relativity’s eDiscovery software. Our development team created an application that makes the analysis of mobile collections much more manageable. Relativity users can now produce and review mobile[...Read More]
- Moving and Changing - Acquired by Connecticut-based QDiscovery in 2016, Forensicon’s capabilities multiplied overnight, both in forensics brain power and eDiscovery expertise. As part of a leading provider of end to end litigation support, moving to larger offices that are more central to the Chicago legal community was inevitable.
- QDiscovery Named One of the Top 20 Providers of Legal Services! - Leading industry publication, CIO Magazine, has named Forensicon’s parent company, QDiscovery, to it’s Top 20 Providers of Legal Services. The annual listing includes 20 companies that are at the forefront of providing legal solutions and impacting the marketplace. Read the whole article here. Featured in the publication alongside QDiscovery President, Dave Barrett, is Director of Digital Forensics, Yaniv[...Read More]