Chicago Voter Database Hacked
Civic Group Claims It Could Have Tampered With Voter Roles
By JAKE TAPPER and REBECCA ABRAHAMS
Oct. 23, 2006
As if there weren't enough concerns about the integrity of the vote, a non-partisan civic organization today claimed it had hacked into the voter database for the 1.35 million voters in the city of Chicago.
Bob Wilson, an official with the Illinois Ballot Integrity Project -- which bills itself as a not-for-profit civic organization dedicated to the correction of election system deficiencies -- tells ABC News that last week his organization hacked the database, which contains detailed information about hundreds of thousands of Chicago voters, including their Social Security numbers, and dates of birth.
"It was a serious identity theft problem, but also a problem that could potentially create problems with the election," Wilson said.
A nefarious hacker could have changed every voter's status from active to inactive, which would have prevented them from voting, he said.
"Or we could've changed the information on what precinct you were in or what polling place you were supposed to go to," he said. "So there were ways that we could potentially change the entire online data base and disenfranchise voters throughout the entire city of Chicago."
"If we'd wanted to, we could've wiped the entire database out," Wilson claimed.
Tom Leach, a spokesman for the Chicago Election Board, tells ABC News that the problem seems to have arisen because the city's database allowing voters to locate their voting precinct once asked voters for detailed information such as Social Security numbers.
Approximately six years ago, Leach said, when the website was updated -- requiring only name and address -- city computer experts "never cut the links to the Social Security numbers and the dates of birth."
Leach said he doubted the Illinois Ballot Integrity Project could have disenfranchised voters or wiped out the database, but he and the Election Board were very concerned and had taken steps to remedy whatever problems exist, including bringing in an outside computer forensic expert to verify that the database is secure and to ensure no one had already hacked the database.
"We're also making arrangements to remove the Social Security numbers," he added, and the Election Board was also alerting law enforcement to the problem as pointed out to them.
"Even though they could hack into the Web site, they couldn't hack into the voter file," Leach said. "The Web site feeds into a copy file, not the actual original file."
Leach said the issue had absolutely nothing to do with the city's electronic voting machines, which are manufactured by Sequoia Voting Systems.
But Wilson counters that this is just one hole in a system that may be full of them.
"This is a part of the entire electronic voting program that we're depending on -- computerized voter databases and electronic voting machines," Wilson said. "Any computer is subject to failure and security flaws and we have seen in electronic voting hundreds of news reports about dozens and dozens of jurisdictions where there are problems."