CISA and FBI say they have not seen cyber-attacks this year on voter registration databases

CISA and the FBI issue a joint statement about election and voter database hacking threats after a misleading article in Russian media today.
Written by Catalin Cimpanu, Contributor
Image: Element5 Digital

The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation said today that they have not seen any cyber-attacks target US voter registration databases and voting systems this year.

The two agencies issued a joint statement today after an article in Russian media had gone viral earlier this morning.

The article, published by Russian news agency Kommersant, claimed that a Russian hacker had obtained voter records for more than 7.6 million Michigan voters following an intrusion into the state's database earlier this year, in March.

According to Kommersant, the hacker also claimed to be in possession of voter records for Connecticut, Arkansas, Florida, and North Carolina voters, but in smaller numbers, and was making all the databases available for free on a hacking forum since July.

While most voter records in US states are available for free, the hacker claimed that at least the Michigan voter database contained fields that were meant to be private, such as emails and dates of birth.

CISA and the FBI say there was no hack

But in a joint statement published on Twitter today, CISA and the FBI claim that such a hack never happened. In fact, they haven't seen any cyber-intrusions into election systems at all.

"CISA and the FBI have not seen cyber-attacks this year on voter registration databases or on any systems involving voting," the two agencies said.

Furthermore, later in the day, Michigan and Connecticut state officials have also denied claims that they've been hacked, in statements released to NBC News reporter Kevin Collier.

The two states also reminded US voters that their respective voter databases are public, and anyone can obtain them for free, or by filing an FOIA (Freedom of Information Act) request, effectively calling the Kommersant report a non-story.

Nonetheless, this didn't stop today's Kommersant article going viral and causing panic among some US voters, with the report trending on Twitter US at one point earlier this morning.

The ludicrousness of thousands of Americans sharing a story from a Russian news site without questioning its reporting or authenticity was punctuated later in the day when both Facebook and Twitter announced they shut down a Russian-sponsored news site for misleading articles on US politics.

The FBI's most wanted cybercriminals

Editorial standards