Get all your news in one place.
100’s of premium titles.
One app.
Start reading
The Independent UK
The Independent UK
Jesse Bedayn

Colorado blunder accidentally exposes voting machine passwords online - but officials say everything is secure

Voting system passwords were mistakenly put on the Colorado Secretary of State’s website for several months before being spotted and taken down. - (AP)

Voting system passwords were mistakenly put on the Colorado Secretary of State's website for several months before being spotted and taken down, but the lapse did not pose an immediate threat to the upcoming election, said state election officials Tuesday.

The passwords were only one of two that are needed to access any component of Colorado's voting systems, and are just one part of a layered security system, said Jack Todd, spokesperson for the the Secretary of State's office, in a statement. The two passwords are "kept in separate places and held by different parties," he said.

"This is not a security threat," said Colorado Secretary of State Jena Griswold in an interview on 9News Tuesday evening. She said her office is investigating, that not all of the passwords in the spreadsheet were active and there is no reason to believe there's been a security breach.

Griswold said workers are changing passwords, looking at access logs and chain of custody books.

Colorado Secretary of State Jena Griswold said there was no security threat - despite the password’s being on her website for several months. (Copyright 2024 The Associated Press. All rights reserved.)

She frequently calls Colorado the gold standard for election security, though there have been some hiccups in the past. The error has brought criticism from the chairman of the Colorado Republican Party at a time of heightened scrutiny of the country's election systems, though U.S. elections remain remarkably reliable.

Colorado law requires that election equipment is surveilled and stored in secure rooms — access to which is guarded, tracked and logged. Colorado voters fill out paper ballots, which are audited after the election.

Election officials learned last week that the spreadsheet, which held the passwords in a hidden tab, was available online. Once the lapse was discovered, Todd said, they acted immediately and informed the U.S. Cybersecurity and Infrastructure Security Agency.

The executive director of the Colorado Clerks Association, Matt Crane, told 9News that while the lapse was concerning, the association was satisfied with the Colorado Secretary of State's response.

Chairman of the Colorado GOP, Dave Williams, sent a letter to the department Tuesday demanding that, among other things, the secretary of state confirm that the exposed passwords have since been changed.

Earlier this month, a Colorado county clerk, Tina Peters, was sentenced to nine years behind bars for a data-breach scheme based in false claims about voting machine fraud in the 2020 presidential race.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.