On Tuesday, the Colorado Secretary of State’s (Jena Griswold) office confirmed [1] that partial passwords to its voting systems had inadvertently appeared on its website, though the office assured voters that the information leak does not pose a security risk to the upcoming election.
With Election Day fast approaching and over 1.2 million ballots already cast, the disclosure raised concerns, prompting the office to report the incident to the Cybersecurity and Infrastructure Security Agency (CISA), which is investigating and taking action “where necessary.”
BREAKING: Colorado voting machine passwords were LEAKED online by the Democrat Secretary of State. Specifically, over 600 passwords for machines in 63 of the state’s 64 counties were posted for anyone to see
“BIOS passwords are highly confidential, allowing broad access for… pic.twitter.com/tPllgTsCUq [2]
— George (@BehizyTweets) October 29, 2024 [3]
According to the press release, the security of Colorado’s election systems remains intact. “This does not pose an immediate security threat to Colorado’s elections, nor will it impact how ballots are counted,” the statement read, detailing the state’s numerous security protocols.
Each piece of election equipment in Colorado utilizes two unique passwords, managed separately and accessible only through in-person physical access to the system.
Officials emphasized that these layers of security are designed to prevent unauthorized access and ensure that votes are securely counted.
BREAKING: Colorado voting machine passwords were leaked and posted online for months by the Democrat Secretary of State’s office. pic.twitter.com/2mZ9qe61Tg [4]
— TaraBull (@TaraBull808) October 30, 2024 [5]
In recent weeks, election security has been a significant focus, particularly as Colorado was involved in a legal dispute regarding former President Donald Trump’s eligibility on the state’s ballot.
After his conviction in a civil fraud case involving 34 felony counts for falsifying business records, an attempt was made to remove Trump from the ballot.
During the proceedings, Secretary of State Jena Griswold reported receiving death threats, as did other election officials in the state, underscoring tensions surrounding election security and integrity.
The breach follows a similar incident in Georgia, where just last week, the state’s absentee ballot system was targeted by a cyberattack.
Cybersecurity company Cloudflare identified the attack and prevented it from taking the absentee ballot system offline.
Gabriel Sterling, Chief Operating Officer of Georgia’s Secretary of State office, described the incident as a “probing attack” that likely originated from a foreign entity.
Despite these incidents, Sterling assured voters that the attack did not disrupt voting processes and that the state’s systems remain secure.
“Will you resign?”
BRUTAL! This interview was a disaster! pic.twitter.com/FXarvEMLF9 [6]
— Liz Harrington (@realLizUSA) October 30, 2024 [7]
CISA’s involvement in the Colorado case highlights the federal response to election security threats, which includes assisting state officials in identifying and rectifying vulnerabilities before Election Day.
With early voting numbers already high, Colorado is one of several states facing security scrutiny to ensure that all systems are prepared to handle potential cyber threats.
These recent incidents underscore the role of state and federal agencies in addressing and mitigating election security risks.
As Colorado’s election officials continue to address the disclosure of partial passwords, the focus remains on protecting the integrity of the voting process.