Millions of Georgia voters may have had their personal information compromised for the second time in as many years, as the Federal Bureau of Investigation opened an investigation Friday at Kennesaw State University’s Center for Election Systems involving an alleged data breach, writes http://www.myajc.com.
As many as 7.5 million voter records may be involved, according to a top state official briefed on the information but not authorized to speak on the record. Neither federal officials nor university officials would confirm the scope of the investigation or how many records had potentially been accessed.
State officials found out about the breach Thursday evening, after being notified by the university. The governor’s office said it asked the Georgia Bureau of Investigation to contact the FBI after learning about the scope of the problem.
The Georgia Secretary of State’s Office said Friday that the investigation is not related to its own network and is not a breach of its own, separate database containing the personal information of 6.6 million voters currently registered in Georgia. The office referred all other questions to both university and federal officials.
In 2015, the Secretary of State’s Office inadvertently disclosed the Social Security numbers and other private information of more than 6 million registered voters. That data went to 12 organizations, including media outlets and political parties, who regularly subscribe to “voter lists” maintained by the state, although the office later said all 12 discs containing the data were either recovered or destroyed.
If a breach occurred involving voter records, it would likely have to do with the logs used to create the electronic poll books. It also would likely have come through the university’s own information technology system, given the statement from the Secretary of State’s Office that its network and systems were not involved.
The university’s IT system would have provided the most likely gateway into the center’s servers and into the logs used by the center to build the poll books.
It is unclear, however, exactly how it happened, exactly what information was taken or whether the breach was malicious.