Trump campaign demands Colorado secretary of state temporarily halt processing of mail ballots after password leak

COLORADO, USA — Former president Donald Trump’s campaign demanded Wednesday that Colorado Secretary of State Jena Griswold (D) temporarily halt the processing of mail-in ballots and re-secure voting systems in counties impacted by her office’s leak of voting system passwords online. 

The Colorado secretary of state’s office inadvertently posted a spreadsheet to its website with a hidden tab that included voting system passwords months ago, but said they were recently made aware of the mistake. The passwords, known as BIOS passwords, are needed to configure system settings. They are one part of the security process for Colorado’s voting machines.

In its letter to Griswold, the Trump campaign noted that it was “particularly concerned” because her office was aware of the leak as early as Oct. 24, but did not notify the public. 

The public became aware of the leak on Tuesday morning, when the Colorado Republican Party vice chair shared the hidden tab discovery in a mass email.

The Trump campaign demanded that the secretary of state’s office identify any affected counties, notify the counties and direct them to perform a new Logic and Accuracy Test for their election equipment.

The campaign demanded that those counties stop processing mail ballots and prepare to rescan all mail-in ballots already scanned, calling the steps “the only way to guarantee that the election equipment in those counties…are secure.”

In an interview with 9NEWS, Griswold maintained that the leak is not a security threat.

“To be very clear, we do not see this as a full security threat to the state. This is not a security threat,” Griswold told 9NEWS Tuesday. “There are two passwords to get into any voting component, along with physical access. We have layers of security, and out of just an abundance of caution, have staff in the field changing passwords, looking at access logs and looking at the entire situation and continuing our investigation.”

Griswold did not notify county clerks the passwords had been posted until the information became public Tuesday. She argued this was not “not disclosing” the issue.

Per the Trump campaign’s letter, Trump attorney Scott Gessler gave Griswold until 10 a.m. on Oct. 31 to confirm her office would take the steps they outlined.

On Thursday, Governor Jared Polis announced that the state’s executive branch is providing the Secretary of State’s Office human capital, air and ground assets, and other logistical support to complete changes to all the impacted passwords and review logs to ensure that no tampering occurred. 

As part of this, Griswold will deputize certain state employees with cybersecurity and technology expertise who have undergone appropriate background checks and training. These employees will only enter badged areas in pairs to update the passwords for election equipment in counties and will be directly observed by local elections officials from the county clerk’s office. 

The state’s goal is to complete the password updates by Thursday evening and verify the security of the voting components, leveraging resources from across various departments and coordinating with the secretary of state, local and federal partners.