Thousands of voting machine vendor employees' work emails and plaintext passwords appear in freely available third-party data breach dumps reviewed by CSO, raising questions about the security of voting machines and the integrity of past election results.
While breached sites, like LinkedIn after the 2012 breach, force users to change their passwords, a significant number of people reuse passwords on other platforms, making third-party data breaches a gold mine for criminals and spies.
For many years voting machine vendors have claimed that voting machines were air gapped — not connected to the internet — and were thus unhackable. Kim Zetter debunked that idea in The New York Times in February.
[...] CSO found five voting machine vendors in the third-party data breaches we reviewed, including more than two thousand credentials for the defunct Diebold, now owned by Dominion Voting.
[...] The breached credentials include key members of management, engineering, and operations teams for these companies. One case of password reuse over the last ten years would have been enough for an attacker to gain a foothold in a voting machine vendor's network and potentially compromise the integrity of voting machines — and election results.
Source: CSO
(Score: 3, Funny) by DannyB on Wednesday April 04 2018, @02:42PM
Voting machines should be built only by big secure companies.
I propose that precincts should only purchase voting machine equipment built by Facebook.
People today are educated enough to repeat what they are taught but not to question what they are taught.