Laptop, USB drives stolen from Philly election-staging site

The City of Philadelphia Elections warehouse where where memory sticks used to program voting machines were stolen on Thursday, Oct. 1, 2020, in Philadelphia. City officials say they are confident the incident won't compromise election integrity. Mayor Jim Kenney says police are investigating and “enhanced security” will be added at the warehouse. (AP Photo/Laurence Kesterson)

PHILADELPHIA — Computer thumb drives used to program Philadelphia voting machines were stolen from a city warehouse along with the laptop of an employee from the machines’ manufacturer.

The items were stolen from a warehouse in the city’s East Falls section, city election commission spokesman Nick Custodio said in a brief emailed statement, adding: “We are confident that this incident will not in any way compromise the integrity of the election.” The Philadelphia Inquirer, which first reported the theft in the majority Democratic city, said they were stolen this week.

Advertisements

The laptop did not hold any “sensitive election-related data” and was not used for election programming, said spokeswoman Katina Granger, of Election Systems & Software of Omaha, Nebraska, the manufacturer. She said ES&S immediately cut it off from the vendor’s network upon learning of the theft.

Granger said she was not able to address specifics about the stolen USB drives, including how many were taken and what was on them. Custodio did not answer emailed questions, including whether any of the 3,750 ExpressVote XL touchscreen ballot-marking devices used by the city might have been affected.

Pennsylvania is a crucial battleground which Trump won by 44,000 votes in 2016, with Hillary Clinton winning Philadelphia by a 67% margin, or 475,000 votes.

Election security expert Eddie Perez of the nonpartisan OSET Institute said Philadelphia voters’ confidence in the integrity of the election demands on transparency from officials that is so far lacking: “This is supposed to be a secured facility,” he said, “and apparently neither the county nor the election vendor adequately protected these sensitive assets. Why not?”

Granger of ES&S said the companies’ USB devices use multiple levels of encryption and are “married” to single voting machines during programming. But Perez said that it’s so far unclear how far along Philadelphia was in programming for the Nov. 3 election — and thus how much of a threat the theft might pose.

“It is very, very common that a USB stick has a wealth of information that is related not only to the configuration of the election and its ballot — and the behavior of the voting device — but also internal system data used to validate the election,” said Perez. “In principle, someone possessing the information on one of these USBs could disrupt the opening and closing of the devices in polling places. They could disrupt how ballots are displayed on the screen and they could potentially disrupt counting votes on those ballots.”

An “insider” bent on tampering with the election would only need to alter a subset of ballot-marking devices to compromise voting, Perez said.

In an emailed statement, Mayor Jim Kenney said police were investigating and “enhanced security” would be added at the warehouse. “This matter should not deter Philadelphians from voting, nor from having confidence in the security of this election.”

In a further incident, a WHYY public radio reporter walked right into the warehouse’s voting machine storage area unimpeded on Thursday morning. City spokesman Mike Dunn confirmed the incident and said the mayor would shortly be adding 24/7 security at the site.

“These changes will be put into place expeditiously,” he said.

The system potentially impacted by the incident is not the same as mail-in voting, which President Donald Trump has repeatedly sought to discredit with unfounded claims. On Tuesday, Philadelphia began accepting mail-in, or absentee ballots, at satellite elections offices that aren’t considered official polling locations.

FBI headquarters in Washington, D.C. declined to comment on whether it was assisting in the investigation.

Although the nation’s 8,800 voting jurisdictions are managed by state and local governments, they have been designated critical national infrastructure and multiple federal agencies have stepped up security assistance since the 2016 Russian election interference.