Skip to content

December 16, 2016

Hacker breaches the US agency that certifies voting machines

by John_A

In the year of “rigged” election claims, security firm Recorded Future says it identified a Russian-speaking hacker attempting to sell accounts that have access to the US Election Assistance Commission. While may not be familiar with the EAC, it’s the agency in charge of certifying voting machines and providing best practices used in elections. In a statement, the EAC confirmed it’s aware of a “potential intrusion” and says it’s working with law enforcement.

Screenshot of EAC internal site, obtained by Recorded Future

According to Recorded Future, a hacker going by the name Rasputin was trying to sell an unpatched system vulnerability, and it identified more than one hundred logins that were compromised. The hacker apparently used an SQL injection to obtain the list of logins and passwords that were eventually cracked. With that kind of access, someone could access testing plans and results for various voting machines. The EAC does not store voter’s personal information or vote totals.

Source: Recorded Future, US EAC

Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: