The federal government Friday told election officials in 21 states, including Texas, that hackers targeted their systems before last year’s presidential election.
“There was an attempt to find a vulnerability on our agency’s public-facing website, which contains no voter information, but no vulnerabilities were found, according to DHS,” said Sam Taylor, communications director for the Texas secretary of state’s office. “To date, we have received no information indicating any elections-related systems in Texas have been compromised by bad cyber actors.”
The state’s voter registration database was not a target, he added.
The notification came roughly a year after U.S. Department of Homeland Security officials first said states were targeted by hacking efforts possibly connected to Russia.
The states that told The Associated Press they had been targeted included some key political battlegrounds, such as Florida, Ohio, Pennsylvania, Virginia and Wisconsin.
The AP contacted every state election office to determine which ones had been informed that their election systems had been targeted. While not all responded immediately, the others confirming they had been targets were Alabama, Alaska, Arizona, California, Colorado, Connecticut, Delaware, Illinois, Iowa, Maryland, Minnesota, Oklahoma, Oregon and Washington.
It does not mean that sensitive voter data was manipulated or results were changed. Hackers targeting a system without getting inside is similar to a burglar circling a house checking for unlocked doors and windows.
Even so, the widespread nature of the attempts and the yearlong lag time in noti›ication from the Homeland Security Department raised concerns among some election officials and lawmakers.
For many states, the Friday calls were the first official confirmation of whether their states were on the list — even though state election officials across the country have been calling for months for the federal government to share information about any hacks, as have members of Congress.
“It is completely unacceptable that it has taken DHS over a year to inform our office of Russian scanning of our systems, despite our repeated requests for information,” California Secretary of State Alex Padilla, a Democrat, said in a statement.
“The practice of withholding critical information from elections officials is a detriment to the security of our elections and our democracy,” he said.
U.S. Sen. Mark Warner, of Virginia, the top Democrat on a committee that’s investigating Russian meddling in last year’s election, has been pushing the department for months to reveal the identities of the targeted states.
He said states need such information in real time so they can strengthen their cyber defenses.
“We have to do better in the future,” he said.
U.S. Rep. Lloyd Doggett, D-Austin, said, “The Trump administration has largely ignored the far-reaching Russian attack on our democracy. Putting America first and protecting our sovereignty means we should move immediately to prevent further attacks in the 2018 elections by fully funding the Election Assistance Commission, and, as I have called for since November, establishing an independent, nonpartisan inquiry into Russian interference.”
Homeland Security Department officials said they recognize that state and local officials should be kept informed about cybersecurity risks to election infrastructure.
“We are working with them to refine our processes for sharing this information while protecting the integrity of investigations and the confidentiality of system owners,” the agency said in a statement.
The government did not say who was behind the hacking attempts or provide details about what had been sought. But election officials in several states said the attempts were linked to Russia.
The targets included voter registration systems but not vote-tallying software. Officials said there were some attempts to compromise networks but most were unsuccessful.
Only Illinois reported that hackers had succeeded in breaching its voter systems.
Earlier this year, a leaked National Security Agency report detailed that hackers had obtained information from a company that provided software to manage voter registrations in eight states.
The May report said hackers sent phishing emails to 122 local election officials just before the November 2016 election in an attempt to break into their systems.
Staff writer Johnathan Silver and The Associated Press contributed to this story.