Georgia's top elections official announced Friday that his office plans to take over managing the state's elections technology after major security mistakes were discovered at the center that has done the work for 15 years.
The planned change by Secretary of State Brian Kemp follows media reports that cybersecurity experts discovered the state's 6.7 million voter records and other sensitive files had been left exposed for months on the public website of the Center for Election Systems. The researchers raised an alarm in March, prompting an FBI investigation and revealing still more problems.
According to an $815,000 contract obtained by The Associated Press, the center will continue to operate on the Kennesaw State University campus through June 30, 2018. Kemp's spokeswoman Candice Broce said the state didn't want to disrupt training and other services during the transition that the center provides to county election officials.
In the meantime, she said, Kemp's office will prepare to take over the center's all-encompassing responsibilities. Its staff designs ballots, creates memory cards with lists of registered voters for each polling site, and tests and certifies every piece of repaired equipment.
More details about the transition plan remained unclear on Friday, including any changes to the center's staff.
"Today my office and Kennesaw State University executed what will be the final contract between our two entities related to the Center for Election Systems," Kemp's statement said. "The ever-changing landscape of technology demands that we change with it. The Secretary of State's office is equipped, trained, and tested to handle these operations in-house. I am confident that this move will ensure Georgia continues to have secure, accessible, and fair elections for years to come."
The extent of the security lapse was first reported in mid-June by Politico Magazine . Researcher Logan Lamb said he contacted the center's director, Merle King, in August 2016 after discovering records containing voters' personal information and other sensitive documents on the site. When Lamb's colleague was able to access the same records seven months later, that person alerted the university, which seized and isolated the center's equipment in March.
The FBI found no crime was committed. But the school's information technology department discovered numerous mistakes that raised more questions about the security of the state's voting infrastructure.
The change is unlikely to satisfy voting-transparency activists who sought an independent review of Georgia's voting systems ahead of the June 20 special election to replace health secretary Tom Price in Congress, but were told by Kemp's top attorney that it would take half a year and cost $10,000.
Activist Marilyn Marks cited Kemp's office mistakenly sending out CDs containing the birth dates and Social Security numbers of every registered voter in 2015, costing $1.2 million for credit monitoring.
"He says they're equipped to do this, but they certainly don't have the track record to prove it," she said.
King didn't immediately reply to an email seeking comment Friday. University President Sam Olens said in a statement that Kennesaw State supports the Secretary of State's decision and looks "forward to helping facilitate a smooth transition."
Explore further: Georgia official discounts threat of exposed voter records