Cyber Incident Victim: Kennesaw State University

On February 28, 2017, a server at Kennesaw State University (KSU) hosting state voter data maintained by the university’s Center for Election Systems was compromised in a hack. The breach occurred during the evening hours, according to sources cited in media reports. The compromised data included voter information managed by the center, though specific details about the accessed records or the number of affected individuals were not disclosed. The Federal Bureau of Investigation (FBI) initiated an investigation into the incident, indicating federal law enforcement’s involvement due to the potential sensitivity of election-related data. Georgia’s Secretary of State’s Office issued a statement on March 1, 2017, clarifying that its own network and centralized voter registration database—containing personal information for approximately 6.6 million Georgia voters—remained unaffected. This distinction aimed to mitigate public concerns about the integrity of the state’s primary voter system.

KSU and federal officials assumed primary responsibility for managing the incident response, with the Secretary of State’s Office deferring all inquiries to them. No further technical details about the attack vector, duration of unauthorized access, or containment measures were publicly released at the time of initial reporting. The incident raised immediate questions about the security protocols governing election infrastructure, as the Center for Election Systems supported Georgia’s election administration through ballot preparation and voting system testing. The breach underscored vulnerabilities in third-party systems handling critical election data, though authorities emphasized the separation between the compromised university server and the state’s core voter registration database. Investigations remained ongoing as of March 1, with no additional public statements confirming whether voter data was exfiltrated or misused.