Voter roster omissions in June 5 election in Los Angeles is not a cyber attack

By Abner Galino

Image by xforcethreatmanagement.mybluemix.net

AN extensive independent review by information technology leader IBM Security Services identified software misconfigurations and not a cyber attack caused the omission of 118,509 names from the printed voter rosters in precincts across Los Angeles County during the conduct of the June 5 Primary Election.

No voters were removed from voting rolls because of the roster error, and their right to vote was never at issue, according to the Registrar-Recorder/County Clerk.

The roster print problem ultimately affected approximately 12,000 voters who went to the polls to cast provisional ballots.

The votes were processed immediately and counted as part of the official election results.

The independent review verified that there was no pattern of voters being excluded from the printed roster due to demographic characteristics or geographic boundaries.

In its investigation of the omissions, IBM found that formatting changes in the statewide voter database made it incompatible with the software the County uses to generate the printed lists for polling places.

According to IBM, the County’s Voter Information Management System application had not been updated to process this state format change, so the system generated voter records with empty spaces for the birthdates of 118,509 voters.

Since the birthdates were missing, the County’s system incorrectly classified these voters as “underage” and left them off the printed precinct rosters.

IBM ran multiple simulations to determine what happened. It found that the incompatible state database was initially used to develop a voter roster file for printing.

That initial export was stopped after 118,509 records were processed with empty birthdate fields. Then a second export was started, using the County’s own voter database.

That export generated correct voter information.

However, the system did not clear the erroneous data from the first export. As a result, the incorrect data was merged with correct data, leading to the error in printing the rosters.

In its review, IBM also investigated a 21-minute outage of the County’s voter information website LAVote.net on the evening of the election after the polls had closed.

It found no evidence of a cyber attack and attributed the outage to heavy demand on the website.

IBM recommended that the County undertake a series of corrective actions, including:

  • Updating the software code so the state and local voter databases are compatible.
  • Implementing new quality control practices for Registrar-Recorder/County Clerk staff.
  • Resolving deficiencies in the system used to create the printed voter roster.
  • Increasing capacity and changing configurations on LAVote.net to accommodate periods of high demand

Registrar-Recorder/County Clerk Dean Logan said the County has already put in place measures to ensure that voter rosters are correctly printed for the General Election on November 6, 2018.

IBM Security Services’ full incident assessment and root cause analysis included a forensic review of the systems, procedures and agencies used in preparing and producing precinct rosters for the County’s 4,357 voting precincts and more than 5.1 million voters.

The review also included testing of networks, servers and databases to evaluate any potential vulnerabilities and to assess the effectiveness of security controls, policies and quality control processes.

The review was conducted with the assistance of the County’s Chief Information Officer and Auditor-Controller.

In related development, LA County Supervisor Janice Hahn released a statement regarding the results of an investigation into the problems voters experienced during the June 5, 2018 election.

The independent investigation has shown that the problems voters experienced during the June 5 election had nothing to do with foul play but were the result of a software error,” said Supervisor Janice Hahn.

While I am relieved that this was not a cyberattack, what happened was unacceptable and we are going to ensure that the Registrar-Recorder’s Office fixes this issue so that this never happens again. Now more than ever, we need to ensure the public’s trust in our election system.”

Supervisors Janice Hahn and Sheila Kuehl have authored a motion that instructed the Registrar-Recorder’s office to implement reforms to fix the said problem.

Supervisor Hahn and Supervisor Kuehl’s motion will instruct the Registrar-Recorder/County Clerk to implement the following:

  • Work with the Secretary of State to update existing software to ensure that the state and local voter databases are compatible;
  • Implement new quality control practices for Registrar-Recorder/County Clerk staff;
  • Resolve deficiencies in the system used to create the printed voter roster; and
  • In consultation with the Internal Services Department, increase capacity and change configurations on LAVote.net to accommodate periods of high demand.

 

BD Admin: You think your friends gonna like this piece? If you do, kindly share it. Thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.