Watchdog group finds security flaw in Chicago elections site
Chicago city officials are investigating a security glitch in its elections website that hackers could have used to swipe Social Security numbers and the personal information of about 1.3 million voters.
It wasn't immediately clear if anyone actually stole or misused any of the information, Chicago Board of Elections spokesman Tom Leach said.
The website is designed to enable Chicago residents to register to vote online. It also explains how and where to cast ballots.
About 1.3 million former and current registered voters have personal information on the site, which includes about 780,000 Social Security numbers, Leach said.
He said the problem had been fixed and a forensic computer expert would be brought in to examine the site's logs for any signs of illegal access.
"Obviously, we are very concerned," Leach said. "We have no reason to believe there was [theft], but we want to be able to assure people there wasn't."
A watchdog group, the Illinois Ballot Integrity Project, exposed the vulnerability and alerted officials last week, Leach said.
"This was a very serious vulnerability," project member Peter Zelchenko said.
A malevolent hacker could have tampered with voter registration data, such as inactivating certain voters' registration or changing their polling places in the online database, as well as accessed Social Security numbers, names, birth dates and addresses, the group said.
Leach said the site cannot be used to access the city's electronic vote-counting systems.
"Everyone can be assured their votes will be counted and counted accurately," he said.