Two Broward elections officials, and the elections office’s main email account, were sent phishing attempts by Russian hackers in the lead-up to the 2016 presidential election.
The attempts were part of a statewide attempt to hack election systems in Florida, according to the report released by Special Counsel Robert Mueller on Russian interference in the election. That report noted that the FBI had found some 140 elections officials were sent emails from Russian hackers pretending to be VR Systems, an elections technology company that contracts with the majority of Florida counties.
Anyone who opened the email and then opened an attachment found in it would allow the hackers access to the elections’ office’s internal systems. The Mueller Report noted that one elections official opened the attachment in Florida, but it’s still unknown who did it or in what county.
On April 18, when the report came out, Broward Supervisor of Elections Peter Antonacci told the South Florida Sun Sentinel that he was unaware of any phishing attempts made on the elections office. But emails obtained by the Sun Sentinel revealed that the phishing emails were sent to former supervisor of elections Brenda Snipes, who resigned over separate issues related to the 2018 election, and her administrative assistant, Patricia Santiago.
“The confusion and our incorrect reply was because my internal inquiry yielded a ‘no, we had not been hacked,’” Antonacci said on Thursday. “That is a true statement; our systems — then and now — showed no hacking of our system. However, it is now apparent that a hack was indeed attempted, and we were made aware of the potential email incident by VR sometime after that inquiry. We apologize for the confusion, but to be clear, our security system worked as it was supposed to; no ‘phishing’ emails made it through the system, and, as a result, our system was not hacked.”
Antonacci explained that the questionable attachment in the emails had been flagged by the office’s computer system and so the emails were sent to Snipes, Santiago, and the main email account after the attachment was quarantined, meaning it would be impossible for any employee of the elections office to have opened the attachment, even if they opened the email it was attached to. Moreover, as is typical of elections offices, the vote-tabulating computer system is a closed system, unconnected to the Internet, so even a successful hacking attempt would have been unable to affect it.
Just who did open the attachment, and which county’s computer systems may have been compromised, remains a mystery. The Mueller Report cited an FBI investigation as the source of the information that Russians had successfully hacked a Florida county elections office’s computers, but the Office of the Special Counsel did not conduct its own investigation into the matter and the report did not state which county had been potentially compromised.
The emails appear to have gone out solely to elections offices that were customers of VR Systems at the time of the 2016 election. Palm Beach County was not, and officials there said they received no emails as part of the Russian phishing expedition.
Staff writer Larry Barszewski contributed to this report.
dsweeney@SunSentinel.com, 954-356-4605 or Twitter @Daniel_Sweeney