https://www.nbcnews.com/politics/elections/security-experts-say-georgia-s-voter-database-vulnerable-hackers-n931266
Nov. 5, 2018 / 2:51 PM GMT+1
By Associated Press
ATLANTA — Georgia's online voter database morphed into a last-minute curveball in one of the nation's hottest governor's races, with Republican nominee Brian Kemp making a hacking allegation against Democrats just as reports emerged of a gaping vulnerability in a system that Kemp controls as secretary of state.
An attorney for election-security advocates suing Kemp in his role as Georgia's chief elections officer notified the FBI and Kemp's office on Saturday that a private citizen alerted him to what could be a major flaw in the database used to check in voters at the polls. Independent computer scientists told The Associated Press that it enables anyone with access to an individual voter's personal information to alter that voter's record.
In response, Kemp asked the FBI on Sunday to investigate the Democratic Party for trying to hack the system.
"While we cannot comment on the specifics of an ongoing investigation, I can confirm that the Democratic Party of Georgia is under investigation for possible cybercrimes," said Candice Broce, who works for Kemp.
University of Michigan computer scientist Matthew Bernhard, told the AP that anyone with access to an individual voter's personal information could alter that voter's record in the system.
Another computer security professional who reviewed the vulnerability — without attempting to probe it for fear of prosecution — is Kris Constable of PrivaSecTech in Vancouver, Canada. "Anyone with security chops would have detected this problem," he said, "so (the system) clearly has never been audited by any computer security professional.”
The accusation is not the first from Kemp accusing outsiders of trying to penetrate his office. Immediately after the 2016 general election, Kemp declared that DHS tried to hack his office's network, an accusation dismissed as unfounded in mid-2017 by the DHS inspector general.