Cyber Incident Victim: US County Database
Date:
Jan 2016
Location:
United States of America
Summary
Hackers compromised a US county database during a national election, successfully altering voter data which was later detected and restored by officials. The breach exposed approximately 90,000 records, predominantly containing personal information, with Russian-linked actors implicated in accessing systems across multiple states. While widespread targeting occurred, fewer than a dozen intrusions resulted in sufficient access to manipulate or exfiltrate data. The incident raised concerns about election integrity but yielded no evidence linking stolen information to a specific political campaign.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In 2016, hackers successfully accessed and altered voter registration data in a US county database during the presidential election cycle. According to reports from Time magazine, based on accounts from current and former officials familiar with the incident, the breach involved unauthorized modification of voter records. The alteration was subsequently detected by election officials, who restored the compromised information to its original state. While the specific county was not disclosed, the intrusion formed part of a broader pattern of cyberattacks targeting election infrastructure. Russian hackers accessed nearly 90,000 voter records containing personal information, with 90% of those records including sensitive details, as confirmed by Ken Menzel, general counsel for the Illinois State Board of Elections. Anthony Ferrante, a former FBI cybersecurity official, stated that Russian targeting of state election systems intensified throughout 2016, with attacks likely attempted against all 50 states by November. Department of Homeland Security officials testified before the Senate that election systems in up to 21 states may have been targeted during this period.
The incident prompted heightened scrutiny of election security protocols and federal investigations into foreign interference. Officials confirmed that fewer than a dozen successful intrusions occurred where attackers gained sufficient access to alter, delete, or download data. Despite the restoration of compromised records in the county database case, the breach raised concerns about the integrity of voter registration systems and potential erosion of public trust in electoral processes. No evidence linked the Trump campaign to the stolen data. The disclosures emerged amid ongoing congressional hearings by House and Senate Intelligence Committees examining the scope of Russian interference operations. The successful alteration of voter data in at least one jurisdiction demonstrated vulnerabilities in decentralized election administration systems while highlighting the challenges of securing critical infrastructure against state-sponsored cyber campaigns.