MADISON, Wis. — The U.S. Department of Homeland Security reversed course Tuesday and told Wisconsin officials that the Russian government did not scan the state's voter registration system.
Homeland Security told state elections officials on Friday that Wisconsin was one of 21 states targeted by the Russians, raising concerns about the safety and security of the state's election systems even though no data had been compromised. But in an email to the state's deputy elections administrator that was provided to reporters at the Wisconsin Elections Commission meeting on Tuesday, Homeland Security said that initial notice was in error.
"Based on our external analysis, the WI IP address affected belongs to the WI Department of Workforce Development, not the Elections Commission," said the email from Juan Figueroa, with Homeland Security's Office of Infrastructure Protection.
It wasn't immediately known if Homeland Security made similar mistakes with any of the other 20 states. Figueroa did not immediately reply to an email seeking an explanation of how the mistake was made.
Homeland Security initially told the Elections Commission that the Russians scanned the state's internet-connected election infrastructure, likely seeking specific vulnerabilities to access voter registration databases.
"Either they were right on Friday and this is a cover up, or they were wrong on Friday and we deserve an apology," Mark Thomsen, the commission's chairman, said in light of the new email.
Wisconsin's chief elections administrator, Michael Haas, had repeatedly said that Homeland Security assured the state it had not been targeted.
"Wisconsin was not provided any information that indicated before the November election that Russian government actors were targeting election systems," Haas said.
He said one theory is that Homeland Security saw suspicious activity from IP addresses targeting state election systems in other states and assumed that was the intent in Wisconsin as well.
"It's been a difficult process trying to piece all of this together," said Wisconsin Elections Commission spokesman Reid Magney. "We're trying to understand what happened."
Wisconsin's chief information officer, David Cagigal, told the commission that Wisconsin had never been told by Homeland Security, prior to the Friday notice, that Russians had targeted Wisconsin's election system or anything else. Deputy information officer, Herb Thompson, said Homeland Security told it in October to check on a certain IP address that the state had put in blocks to stop two months earlier in August 2016.
"We have never seen any of those activities result in anything other than someone trying to turn the doorknob to see if a door is open," Thompson said. "Those IP addresses we talked about, we had blocked, they were related to non-election systems."
Cagigal said, "Our systems were protected and we had no incidences."
The Elections Commission has established a cyber security team that is working on a new plan to improve security before the 2018 elections.
Security enhancements being considered include encrypting the entire voter registration database to protect the information and make it unusable to anyone who may be able to steal it and requiring two-factor authentication for the roughly 3,000 local and state officials who have access to the WisVote system.