Editorial: Colorado’s leaked password scandal needs outside investigation
"Hundreds of voting machine passwords were accidentally released but what exactly was Secretary of State Jena Griswold doing to address the security breach?" -- The Denver Post Editorial Board
Between Oct. 23 when Secretary of State Jena Griswold became aware that hundreds of voting machine passwords had been released publicly on a spreadsheet and Nov. 1 when Gov. Jared Polis intervened to demand the passwords be changed, what exactly was Griswold doing to address the security breach?
Inquiring minds want to know.
Because this feels a lot like déjà vu with Jena Griswold.
In 2022 when we endorsed Griswold’s Republican opponent we wrote: “Griswold has left us unimpressed with her unwillingness to address problems and issues as they arise and even a reluctance to admit when mistakes have been made, or things could be improved.”
Here we are two years later in the midst of one of the most closely scrutinized elections of all time and Griswold’s team makes a crucial error and the secretary of state sits on it for at least a week before taking action.
We’re perplexed by the entire ordeal.
Colorado’s elections are very secure – every voter casts a paper ballot that is retained for recounts and risk-limiting audits. Those ballots are public record and can be cross-checked with the public list of participating voters to ensure the numbers add up and to ensure the voters are real, eligible, alive Coloradans.
The passwords leaked were one of two needed to access the voting machines and the machines are stored in secure areas kept under constant surveillance.
All of this means it is unlikely that any harm came from the passwords being publicly released beginning as early as Aug. 8 and ending Oct. 23.
However, it doesn’t take a conspiracy theorist to believe it’s possible the passwords weren’t leaked on accident. Did a rogue secretary of state employee – someone with delusions of grandeur on the scale of former Mesa County Clerk and Recorder Tina Peters – intentionally release the passwords? Was the intent to cast a pall on the election or was he or she conspiring with someone else – Democrat or Republican — to breach election machines?
These unanswered questions are why an external investigation is needed. Griswold has said she will hire an external company to review the incident, but we think the investigation needs to be beyond her control entirely. Gov. Jared Polis has done an excellent job stepping up in Griswold’s absence on this issue and he should do so again by having the investigator spur from his office.
Peters used her role as clerk to give someone access to the voting machines in Mesa County and steal data related to the election. No real harm came from her antics and the data proved what most Coloradans already knew – the elections were secure and valid.
But that didn’t stop Peters from jetting off around the country claiming she had proof that the 2020 election was stolen.
In a similar vein, it was someone involved with discrediting the 2020 election on behalf of former President Donald Trump who first discovered the passwords in a hidden sheet on a database of election equipment that could be downloaded from the secretary of state’s website. Shawn Smith signed an affidavit that was sent to Griswold’s office on Oct. 29 stating he had downloaded the spreadsheets on Aug. 8, Oct. 16 and Oct. 23. The link to the spreadsheets was taken down on Oct. 24 when Griswold’s office noticed the passwords, but no information was released officially about the link until after Smith and the Colorado Republican Party sent out public notices about the passwords they had obtained.
Coloradans deserve to know exactly how and why the passwords were released whether it was a simple mistake, negligence or a nefarious act.
Griswold and Polis have assured Coloradans that no voting machines were compromised — the fear being of course that someone inside a county clerk’s office used the passwords, combined with theirs and their access to the machines to upload malware that could interfere with the integrity of ballot counting.
We need someone to review the security tapes and investigate just as we did following the Peters’ security breach in Mesa County. Tina Peters was sentenced to 9 years behind bars for her data breach, based in large part on the investigation into her actions led by Griswold. This security breach should be investigated just as thoroughly, as should be Griswold’s lack of response.
Sign up for Sound Off to get a weekly roundup of our columns, editorials and more.
To send a letter to the editor about this article, submit online or check out our guidelines for how to submit by email or mail.
What's Your Reaction?