HILLSBOROUGH COUNTY, Fla. — An investigation is underway after an unauthorized user illegally accessed files on a shared drive on the Hillsborough County Supervisor of Elections Office's network.
In a media alert Wednesday afternoon, Hillsborough County Supervisor of Elections Craig Latimer explained how after learning about what happened – federal, state and local law enforcement agencies were notified.
"We are working closely with those partners to ensure that this incident is thoroughly investigated," he said in a statement.
While having access to files on the shared drive, Latimer reassured residents that the unauthorized user didn't have access to the voter registration system or the ballot tabulation system.
According to the supervisor of elections, the voter registration system has multiple layers of protection, monitoring and redundancy. The ballot tabulation system is the same but also uses a stand-alone, air-gapped server that is not connected to anything else.
Latimer says the server has not been compromised in any way.
"Addressing this issue is my top priority right now, and I am proud to be working alongside law enforcement partners and cyber technology experts who understand and respect the seriousness of this incident," Latimer said in a statement. "I look forward to providing further information once the investigation concludes.
"Elections are critical infrastructure, and any attack on our office – even one that does not interfere with the conduct of an election – is an attack on our community and our democracy."
Cyber security expert James McQuiggan with KnowBe4 says the hacker may have been after a range of things.
"Money, they steal data, or they're looking to get some notoriety or some pride out of this," McQuiggan said.
McQuiggan speculates, right now, law enforcement will be working to figure out how the hacker got into their system.
"They're going to be able to go back, look at what files were accessed from what system, be able to go back, look at traffic, the network traffic that was happening on their network," he said.
However, he says tracing the source of the hack will be a challenge.
"Attribution can be very difficult because a lot of the time cybercriminals will do what they can to hide their own tracks, whether that's using virtual private networks, VPNs, hide where they're actually coming from," McQuiggan said.