Abrams rips Kemp for handling of vulnerabilities in Georgia voter system

Jon Ward
·Chief National Correspondent

SAVANNAH, Ga. — Stacey Abrams, the Democratic candidate for Georgia governor in Tuesday’s elections, lashed out Monday morning at Republican Brian Kemp over his handling of a report to his office overseeing the election about vulnerabilities in the state’s voter system.

Kemp, Abrams said at her first event of the day inside a longshoreman union hall, is “not only an architect of voter suppression, but he’s a bald-faced liar.”

Abrams noted that she does not use such rhetoric lightly. “I have worked hard … to be as careful as possible with my language,” she said.

But she said that Kemp, in his capacity as secretary of state, had been exposed last Friday when the state Democratic Party passed on information to his office about a lack of security surrounding voter data.

Abrams rips Kemp for handling of vulnerabilities in Georgia voter system
Abrams rips Kemp for handling of vulnerabilities in Georgia voter system

Kemp then announced Sunday morning that his office, which is overseeing the same election he is running in, was opening an investigation into the Georgia Democratic Party “for possible cyber crimes.”

Abrams blasted Kent for using a serious vulnerability his office is responsible for to accuse his opponents of a possible crime. “He made up a story like a 6-year-old trying to cover his tracks,” Abrams said to a boisterous crowd of several hundred supporters.

Kemp’s announcement on Sunday morning stated, without providing any evidence, that there had been a “failed hacking attempt” into the state’s system, but that “no personal data was breached.”

One veteran Republican Georgia operative observed that Kemp’s announcement had a whiff of panic and desperation to it. Kemp and Abrams are locked in a dead heat, and a loss for Kemp would be a humiliation.

Kemp’s tenure has been beset by problems since he took over in 2010. In 2015, his office accidentally disclosed Social Security numbers and other information on more than 6 million voters to media organizations and political parties. And he has been aggressive in purging the state’s voter registration database of inactive voters, moving more than 2 million people off the rolls since 2012.

Kemp has also used a policy called “exact match” to put more than 50,000 Georgia voters into limbo this year, placing them on a “pending status” list. The Associated Press found that most of these voters were people of color.

Georgia Democratic Party spokesman Seth Bringman told Yahoo News on Monday that they were first alerted to the vulnerabilities in Georgia’s online voter registration system by a man named Richard Wright, who contacted them through their voter protection hotline.

Wright emailed with a volunteer named Rachel Small, who forwarded those emails to the Democratic Party’s director of voter protection, Sara Ghazal. The Georgia Democratic party shared those e-mails with Yahoo News.

Wright said that on the state’s My Voter page, the “url to download sample ballots and poll cards … allows you to download any file on the system.”

Second, Wright wrote, the online registration page contained links to download a form to print and mail a voter registration to the local election office. Wright said that the URL, which contains a simple ID number based on a numerical counter, could be easily changed to download other people’s personal information.

Ghazal sent the information to two cyber experts she works with regularly. One of them is a man named Wenke Lee, who is the co-executive director of Georgia Tech’s Institute for Information Security & Privacy.

Lee also sits on a commission created by Kemp to ensure fair elections.

Bringman told Yahoo News that Lee “obviously took that information to secretary of state’s office.”

Lee told Yahoo News in an email that he does not know or work regularly with Khazal, and that he “did not forward her email to the Secretary of State.”

“I do not know why the Democratic Party of Georgia contacted me about a vulnerability found by Richard Wright,” Lee said.

“I am an impartial, apolitical, unpaid, volunteer citizen member to the SAFE Commission, organized by a state agency. I was asked to serve as a technology expert for that Commission by a state employee. In no way is my work on that Commission an endorsement for or against any political party,” he said.

Wright did not respond immediately to a request for comment.

Kemp did not mention the issue during a rally with President Trump on Sunday afternoon. But the Democratic Party of Georgia said in a statement that “as is abundantly clear from these emails, it was Richard Wright, not Rachel Small, who may have performed the actions described.”

“Brian Kemp has lied to cover up his own failings,” Abrams told reporters at the union hall after her rally. “Instead of taking responsibility and owning up to it, he instead manufactured a hoax. He said he was being hacked, and no one was hacking anyone.”

“He is abusing his power as secretary of state,” Abrams said.

_____

Read more Yahoo News midterms coverage: