Colorado Secretary of State Jena Griswold walked into what was to be a meat grinder interview with 9NEWS anchor Kyle Clark who took her to task over leaking the password to the voting machines in 63 of Colorado’s 64 counties. He pointed out that Griswold just sent Tina Peters to prison for nine years for doing the exact same thing. The leak reportedly exposed sensitive data for voting system components across nearly all Colorado counties.
The Gateway Pundit previously reported:
CLICK HERE TO JOIN OUR NEWSLETTERIn an email from the organization, they wrote that an affidavit they’ve received claims that Secretary of State Jena Griswold “shared a file on her website that contained over 600 BIOS passwords for voting system components of 63 out of the state’s 64 counties.”
According to the affidavit, the passwords were not encrypted or protected and were available to the public. Colorado election regulation 8 CCR 1505-1 Rule 20.5.2(c)(11) states, “The civil servants at the Department of State will securely and confidentially maintain all BIOS passwords for voting system components.”
The Colorado GOP said that this does not constitute “evidence of a breach by itself” but demonstrates a “major lapse in basic systems security and password management.” Griswold has in the past referred to Colorado elections as “The Gold Standard.”
“A bad actor would still need access either physically or remotely to the systems. It is unclear whether the passwords were in use at any point while publicly available,” the press release reads.
VISIT OUR YOUTUBE CHANNEL
Here is the transcript of that interview:
Kyle Clark: Secretary of State Jennifer Griswold, thank you for your time today. So, your office is acknowledging that you inadvertently leaked voting system passwords by putting them on your website. The Colorado Republican Party says that this was more than 600 BIOS passwords for voting systems in all but one Colorado County. Is that accurate?
Jena Griswold: That is not accurate.
Kyle Clark: How many passwords and for which counties?
Jena Griswold: A spreadsheet located on the Department website improperly had a hidden tab with partial passwords. It’s really important to note that this is not the full password to access voting equipment. At this point, we have started an investigation and actually have people in the field working on this issue.
Kyle Clark: When you say partial passwords, do you mean that it had one of the two passwords required to get into the system, or did it not even have one full password?
Jena Griswold: It had one of the two, and not for all voting components, only some in the state.
Kyle Clark: How many counties?
Jena Griswold: At this point, Kyle, we have staff in the field looking into this situation, but we’ll disclose specifics after they’re out of the field. To be clear, we do not see this as a full security threat. There are two passwords required for any voting component, along with physical access. We have layers of security, and, out of an abundance of caution, have staff in the field changing passwords, reviewing access logs, and continuing our investigation.
Kyle Clark: Is it accurate that the passwords were removed from the public portion of your website last Thursday?
Jena Griswold: Yes.
Kyle Clark: How long were they up?
Jena Griswold: They were up for several months without it being noticed. As soon as my office became aware, we took immediate action. The first step was removing those passwords. I want to clarify, not all of those passwords were active, current passwords. We then began working with CISA, the federal agency overseeing critical infrastructure, including election infrastructure, and started our investigation.
Kyle Clark: Is it accurate that you did not notify the county clerks of this breach and that they found out when the Colorado Republican Party announced it today?
Jena Griswold
What is accurate is that we had begun an investigation and were working with the appropriate federal partners.
Kyle Clark: Have you informed the county clerks?
Jena Griswold: No, we had not. We were conducting an investigation and were in the field today before the announcement by the Republican Party.
Kyle Clark: You frequently warn of insider threats to elections. The U.S. Department of Homeland Security defines an insider threat as someone who uses authorized access, wittingly or unwittingly, to do harm. Did the actions of your office constitute an insider threat?
Jena Griswold: No.
Kyle Clark: Why do you say that?
Jena Griswold: For several reasons. First, this does not pose an immediate security threat to Colorado’s elections. Colorado has multiple layers of security. There are two unique passwords held by different parties to access voting equipment, and physical access is also required. These passwords must be used in person. Under Colorado law, we have secure rooms, restricted access, and 24/7 video recording of all election equipment. Additionally, we use paper ballots and conduct risk-limiting audits. Our elections are some of the most secure in the nation, and many of these security measures have been enhanced since 2021.
Kyle Clark: In 2021, when Mesa County’s voting system passwords leaked, your office stated that the disclosure of BIOS passwords alone constituted a serious breach. By that standard, did your office commit a serious breach of security protocols?
Jena Griswold: No. The situation in Mesa County was distinct. Tina Peters was just convicted, and we were actively investigating a broader breach in Mesa County.
Kyle Clark: But your office said the public disclosure of BIOS passwords alone constituted a serious breach. Now that your office has leaked passwords, does that constitute a serious breach?
Jena Griswold: The statement was part of a broader press release. The situation with Mesa County involved two sets of unauthorized passwords and a larger security breach. Our security measures have improved since then, with 24/7 surveillance and access badges.
Kyle Clark: The wording used by your office was that passwords alone constituted the breach. What have you done to determine whether those passwords were used by an unauthorized person?
Jena Griswold: We began an investigation immediately and have no reason to believe there are any breaches. Federal partners are assisting, and we are examining access logs and chain-of-custody records.
Kyle Clark: In 2021, you ordered Mesa County to stop using machines for which passwords were leaked. Why no similar order now?
Jena Griswold: In Mesa County, both passwords were used, and unauthorized access occurred. With our improved security measures, we have no evidence of a similar situation here.
Kyle Clark: In 2021, the Department of State investigated Mesa County’s password leak. Who will investigate the leak from your office?
Jena Griswold: This is not the same as Mesa County. We reported the incident to CISA and are working with them. This situation does not indicate unauthorized access or a conspiracy.
Kyle Clark: Is your office solely responsible for investigating this, or is there an outside agency involved?
Jena Griswold: This is a straightforward case of a civil servant uploading a spreadsheet with some passwords. Two sets of passwords are required for access, and we notified CISA immediately.
Kyle Clark: This isn’t the first error your office has made that has impacted voters’ confidence in elections. Will you resign?
Jena Griswold: Absolutely not. You’re mischaracterizing the situation. We addressed the 2022 postcard issue and tracked it carefully. No ineligible people registered, and Colorado consistently ranks high in election confidence. I’m proud of the work we do, and we’re addressing this issue with an abundance of caution.
Kyle Clark: Given the repeated errors that have undermined voter confidence, why do you think they keep happening?
Jena Griswold: Errors occur in every election. Our civil servants are experienced and dedicated, working under evolving demands. Running elections is complex, especially in today’s environment. We disclose and address issues as they arise, and we’ll continue to ask for legislative resources.
Kyle Clark: Were you going to disclose this password leak to the public if the Colorado Republican Party hadn’t announced it?
Jena Griswold: We were investigating with federal partners and hadn’t made that decision. This does not constitute a security breach or evidence of compromised equipment, and we are taking a measured approach.
Your writing has a way of resonating with me on a deep level. I appreciate the honesty and authenticity you bring to every post. Thank you for sharing your journey with us.
Wow wonderful blog layout How long have you been blogging for you make blogging look easy The overall look of your site is great as well as the content