Each day Arizona’s computer security systems detect thousands of possible threats. While each one is taken seriously some attacks are more threatening than others. A few weeks ago, we experienced the latter when the FBI alerted the Arizona Department of Administration that access to the Statewide Voter Registration System (VRAZ) was compromised by malware installed on a county computer and a user credential was leaked by a hacker.
To protect the database from further exposure we decided to take the system offline and have ADOA cybersecurity and our voter registration software vendor perform a full examination of the system. We did not find any evidence of malware or command and control software in VRAZ itself, and subsequently restored its use.
There are two levels of credentials needed to access the voter registration system. We did not find evidence anyone was able to penetrate the second level of security. We have also verified that no data was compromised in the VRAZ system through the use of the compromised credential.
Our security measures adhere to Arizona’s cybersecurity policies and undergo frequent testing to ensure the integrity of our systems. From application firewalls and intrusion preventions systems we remain vigilant for attacks on digital information.