Chicago Voter Database Hacked

ByABC News
October 23, 2006, 6:53 PM

Oct. 23, 2006 — -- As if there weren't enough concerns about the integrity of the vote, a non-partisan civic organization today claimed it had hacked into the voter database for the 1.35 million voters in the city of Chicago.

Bob Wilson, an official with the Illinois Ballot Integrity Project -- which bills itself as a not-for-profit civic organization dedicated to the correction of election system deficiencies -- tells ABC News that last week his organization hacked the database, which contains detailed information about hundreds of thousands of Chicago voters, including their Social Security numbers, and dates of birth.

"It was a serious identity theft problem, but also a problem that could potentially create problems with the election," Wilson said.

A nefarious hacker could have changed every voter's status from active to inactive, which would have prevented them from voting, he said.

"Or we could've changed the information on what precinct you were in or what polling place you were supposed to go to," he said. "So there were ways that we could potentially change the entire online data base and disenfranchise voters throughout the entire city of Chicago."

"If we'd wanted to, we could've wiped the entire database out," Wilson claimed.

Tom Leach, a spokesman for the Chicago Election Board, tells ABC News that the problem seems to have arisen because the city's database allowing voters to locate their voting precinct once asked voters for detailed information such as Social Security numbers.

Approximately six years ago, Leach said, when the website was updated -- requiring only name and address -- city computer experts "never cut the links to the Social Security numbers and the dates of birth."

Leach said he doubted the Illinois Ballot Integrity Project could have disenfranchised voters or wiped out the database, but he and the Election Board were very concerned and had taken steps to remedy whatever problems exist, including bringing in an outside computer forensic expert to verify that the database is secure and to ensure no one had already hacked the database.