State lawmakers will not pursue research into the Colorado secretary of state’s office over an election systems password leak discovered earlier this year.
The Legislative Audit Committee voted 4-4 on an audit request into the state Elections Division. All four Democrats voted against the request and all four Republicans voted in favor of it. A tie means defeat.
The request, which was submitted by committee chair Rep. Lisa Frizell, a Castle Rock Republican, would have examined the procedures and policies that allowed an election system password leak.
“I think it’s very important that … a performance audit be conducted if nothing else to re-instill faith in our election system,” Frizell said. “Unfortunately and due to a wide variety of reasons, I suspect, we’ve seen over the last few years some fairly systemic and problematic issues in the secretary of state’s office when it comes to communication with county clerk and recorders.”
It became public in late October that passwords for voting system equipment across the state were posted online on a hidden spreadsheet posted on the secretary of state’s website. No equipment was unlawfully accessed or modified using those passwords, and a team of state staff members changed the affected passwords within a few days. But the security breach was revealed one week before the general election and prompted Republicans to call for Secretary of State Jena Griswold, a Democrat, to resign. She did not and maintains that the election system in Colorado is safe and secure.
The 2024 election results in the state have been certified.
Republican Sen. Kevin Van Winkle in October first called for a special committee meeting to approve an audit into Griswold’s office. Monday’s meeting was the first regularly scheduled meeting of the committee since the password leak.
Democrats on the committee pointed out that a third-party review of the situation, which covered the same ground as the proposed audit, was released Monday. That review found that the office violated two state information security policies in the lead-up to the password leak but that, ultimately, it was caused by a “series of inadvertent and unforeseen events.” The report did not put blame on Griswold or her office, and Griswold accepted the report’s recommendations for improvement.
Denver District Attorney Beth McCann’s office is also investigating how the passwords ended up online.