By JAKE TAPPER and REBECCA ABRAHAMS
Oct. 23, 2006
Oct. 23, 2006 - As if there weren't enough concerns about the integrity
of the vote, a non-partisan civic organization today claimed it had
hacked into the voter database for the 1.35 million voters in the city
Bob Wilson, an official with the Illinois Ballot Integrity Project --
which bills itself as a not-for-profit civic organization dedicated to
the correction of election system deficiencies -- tells ABC News that
last week his organization hacked the database, which contains detailed
information about hundreds of thousands of Chicago voters, including
their Social Security numbers, and dates of birth.
"It was a serious identity theft problem, but also a problem that could
potentially create problems with the election," Wilson said.
A nefarious hacker could have changed every voter's status from active
to inactive, which would have prevented them from voting, he said.
"Or we could've changed the information on what precinct you were in or
what polling place you were supposed to go to," he said. "So there were
ways that we could potentially change the entire online data base and
disenfranchise voters throughout the entire city of Chicago."
"If we'd wanted to, we could've wiped the entire database out," Wilson
Tom Leach, a spokesman for the Chicago Election Board, tells ABC News
that the problem seems to have arisen because the city's database
allowing voters to locate their voting precinct once asked voters for
detailed information such as Social Security numbers.
Approximately six years ago, Leach said, when the website was updated --
requiring only name and address -- city computer experts "never cut the
links to the Social Security numbers and the dates of birth."
Leach said he doubted the Illinois Ballot Integrity Project could have
disenfranchised voters or wiped out the database, but he and the
Election Board were very concerned and had taken steps to remedy
whatever problems exist, including bringing in an outside computer
forensic expert to verify that the database is secure and to ensure no
one had already hacked the database.
"We're also making arrangements to remove the Social Security numbers,"
he added, and the Election Board was also alerting law enforcement to
the problem as pointed out to them.
"Even though they could hack into the Web site, they couldn't hack into
the voter file," Leach said. "The Web site feeds into a copy file, not
the actual original file."
Leach said the issue had absolutely nothing to do with the city's
electronic voting machines, which are manufactured by Sequoia Voting
But Wilson counters that this is just one hole in a system that may be
full of them.
"This is a part of the entire electronic voting program that we're
depending on -- computerized voter databases and electronic voting
machines," Wilson said. "Any computer is subject to failure and security
flaws and we have seen in electronic voting hundreds of news reports
about dozens and dozens of jurisdictions where there are problems."
Copyright 2006 ABC News Internet Ventures
Visit the InfoSec News store!