The saga of the leaked voting machine passwords from the Colorado Secretary of State's Office has come to a close without criminal charges, Denver District Attorney Beth McCann announced, after a thorough investigation into the incident that occurred earlier this year spanned seven weeks. According to Denver7, McCann stated that the passwords "were published in error" and did not meet the threshold for criminality under the specific Colorado statutes in question.
Details from the investigation reveal that partial passwords for election systems in nearly every Colorado county were mistakenly published on the official Secretary of State website back in June, wherefore they remained accessible for a period extending beyond three months, as reported by KDVR. Despite this breach, the state has assured that the integrity of the elections remained uncompromised, and the passwords in question have since been updated to secure the systems.
Amid concerns of how the breach could affect the election process, or the security of the voting infrastructure, Colorado Secretary of State Jena Griswold addressed the Joint Budget Committee to allay fears, admitting to a delay in notifying both the governor and county clerks but affirming adherence to cybersecurity best practices. Griswold's office has engaged an external firm to conduct a parallel inquiry into the incident, as mentioned by CBS News Colorado.
In her statement, DA McCann elucidated that charges would require evidence that the leak occurred "knowingly, arbitrarily or capriciously," which the investigation did not support, there is no indication that the passwords were published to influence the outcome of an election, as detailed by Denver7. With no such indication found, the decision to forgo criminal charges has been settled, concluding this chapter of electoral cybersecurity lapses within the state.
