close
close

Association-anemone

Bite-sized brilliance in every update

The judge considers the Griswold office’s password leak of election machine passwords
asane

The judge considers the Griswold office’s password leak of election machine passwords

A Denver judge on Monday night declined to immediately rule on a lawsuit that sought to force a recount in more than half of Colorado’s counties as a result of an accidental leak of voting equipment passwords continued in the last 24 hours of the election.

District Judge Kandace Gerdes heard four hours of testimony in a hearing called in the lawsuit filed by the Colorado Libertarian Party. The leak was reported separately last week by the state Republican Party and secretary of state Jena Griswold, Democrat.

A lawyer for the Libertarian Party argued that the leak, uncovered by a prominent 2020 election denier, compromised the integrity of the election. The process also seeks to destroy the affected electoral equipment.

Griswold, meanwhile, announced that she would hire a “well-regarded” law firm to conduct an outside investigation into how the information was posted on her office’s website — in a hidden tab on a calculus – a few months before they were discovered.

In court Monday, attorneys representing Griswold argued the passwords weren’t enough to compromise voting systems and that the libertarians’ request would sow “chaos” across the state as clerks prepared to close the polls at 7 p.m., Tuesday. Griswold’s office said that to use the passwords, a person would need physical access to the equipment, along with additional passwords that were not included in the released spreadsheet.

During the hearing, no evidence was presented to indicate that voting systems were compromised or improperly accessed. First Assistant Attorney General LeeAnn Morrill said suggestions otherwise were based on “assumptions” and “fear mongering.”

Last week, after the breach was revealed, Griswold immediately came under fire. Regardless of how Gerdes feels about the libertarian process, other election officials are bracing for further litigation and fallout from the release of the passwords, which came just days before the presidential election, that some elements of The Republican Party was already trying to undermine it.

Matt Crane, CEO of Colorado County Clerks Associationtold The Denver Post that some Colorado Republican officials were already planning to challenge the state’s ballot certification.

“The software leak is a valid leak for people to be concerned about,” said Crane, a Republican who previously served as Arapahoe County clerk. “But I think it’s toned down. … But bad actors will do what they do. We know that.”

Griswold says leak ‘unfortunate’

Release of passwords it was revealed on October 29when the Colorado Republican Party announced that a spreadsheet had been released Secretary of State website included a hidden tab specifying the codes. The party also released a redacted version of an affidavit from an unnamed person who found the passwords in the spreadsheet.

The affidavit was filed by Shawn Smith, a retired Air Force officer who previously searched to undermine the results of the 2020 election. The Post obtained a copy of the affidavit on Monday, and it was later described by Smith during the court hearing.

Smith testified that he discovered the passwords while reviewing the spreadsheet on October 24. In his affidavit, Smith indicated that he accessed the spreadsheet twice in October and once in August, although the affidavit does not clearly state when Smith identified the presence. of passwords.

In February 2022, Smith bluntly told a conservative group that Griswold committed election crimes and that anyone involved in election fraud should be executed.

It’s unclear how the state Republican Party — led by another election denier, Chairman Dave Williams — learned of Smith’s claims. Smith testified that attorney John Case contacted him to ask him to prepare an affidavit about his findings, although he did not indicate how Case knew to contact him. Case, who was in court Monday, declined to answer when asked by a reporter how he learned of Smith’s findings.

In a statement Monday, Griswold’s office said officials learned of the password leak on Oct. 24 — the same day Smith said he learned about it — from a voting machine vendor.

After conducting an assessment of how widespread the breach was, officials determined that 34 of Colorado’s 64 counties were affected.

Griswold’s office didn’t alert the public — or county officials — about the password release until after the Colorado GOP announced it. In an interview Monday, Griswold said she regrets both the release of the passwords and that county officials learned about it through the media rather than from her office.

All passwords released have since been changedshe said, and the state election remains safe.

“We discovered an error that is unfortunate, and we took as careful and measured steps to address it (as we could) in an atmosphere filled with threats and misinformation,” Griswold said.

Griswold’s office confirmed that the staff member who created the spreadsheet — which was posted online June 21 — “amicably left” his job long before the passwords were discovered.

She said her office has also contracted with Garnett Powell Maximon Barlow & Farbes, a Denver law firm, to conduct an outside investigation into what happened. She said the timeline for that investigation is still being determined.

Reviewing security images

Christopher Beall, Griswold’s deputy, testified in court Monday that the state is reviewing 24-hour surveillance footage, among other security monitoring, to determine whether anyone had improper physical access to voting equipment in Colorado counties. Those procedures were put in place after former Mesa County Clerk Tina Peters improperly accessed voting systems after the 2020 presidential election.

Beall said the ongoing review has not identified any improper access.

“We are continually working to build trust in our choices,” Griswold told The Post. “The Colorado election is safe. We have multi-layered security at every step. We have strong security measures, internally and externally, and we always try to move as quickly as possible in the environment.”

While machines are used to count the votes, people still vote on paper ballots. And counties across the state conduct analyzes called risk mitigation audits, which compare ballots with the results counted after each election.

Griswold faced Republican ire for his criticism of former President Donald Trump and election conspiracies. One man pleaded guilty last month making death threats against her and others. Earlier this year, state House Republicans sought to impeach her for calling Trump an insurrectionist and for other criticisms made from her official position.

Shortly after the breach was made public last week, Sen. Kevin Van Winkle, a Highlands Ranch Republican, REQUESTED that the Legislative Audit Committee hold an emergency meeting to assess whether the state’s election systems have been compromised. Doing so would provide a venue to answer questions such as whether the breach was intentional when the passwords were posted, he wrote.