Beijing obtained millions of voter records, here’s what DHS says China can do with them
Following revelations that China compromised over 200 million voter records, federal agencies are warning that the stolen data could be used to actively manipulate voter rolls and steal absentee ballots
The Department of Homeland Security warned that China could exploit compromised voter registration data to obtain absentee ballots, alter voter information, or delete registrants from state databases, according to a July memo obtained by Just the News.
President Donald Trump announced in a speech on Thursday that China has compromised more than 200 million voter registration entries affecting 18 states, citing newly declassified U.S. Intelligence Community records compiled by the Government Transparency Task Force created in May.
The findings triggered a review by the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) of voter registration systems. In that review, the agencies outlined exactly how this exposed data could be exploited.
The report warned that foreign countries, specifically China and Russia, have consistently targeted these state voter registration databases over the last decade.
“The impact of the breaches is not limited to ‘undermining confidence’ or ‘spreading false claims’ but the data itself could be used months or years after the breach to alter voter registration information,” the agencies wrote. “The real threat is what can be done with the stolen data.”
You can view the report below:
Here is a look at what the report says could happen to your voter registration record once compromised, and how bad actors could use it against you:
Malicious actors could obtain absentee ballots by stealing someone’s identity and casting it in their name. This is possible since in nearly every election jurisdiction, information required to apply for and receive an absentee ballot is stored in the voter registration database, and the data does not expire.
A breach can allow bad actors to access public information such as name, date of birth, and address, but also sensitive information like driver's license numbers, full or partial social security numbers, and voter signatures on file, the agencies warned. “That information could enable bad actors to request absentee ballots at scale for low-propensity voters.”
Secondly, a malicious actor could use data from a breach to alter the voter’s registration records, such as changing a voter’s address and therefore changing their polling station, or changing party affiliation to block their vote in an election. This would be particularly effective in states with strictly closed primaries like New York, Florida, or Delaware, where you must be registered with a political party to vote in that party’s primary.
The report notes that when “perpetrated at scale,” altering voter records could disenfranchise numerous voters. Further, when “carefully distributed,” such an attack could even go unnoticed, even if the scope was significant.
Bad actors could also execute these changes over time by using stolen data to bypass identity checks and log into official online state systems, or even delete voter registration files entirely, causing widespread disruptions in the administration of elections.
The report calls for steps to be taken by state and local election officials to protect voter registration databases, and limit ways that compromised data can be exploited, such as by using smart network monitoring and multi-factor authentication.
“Voter registration databases are the foundation of our voting system. State and local election officials must prioritize system security and implement safeguards to prevent the exploitation of data that may have already been exposed,” the report said.