About 100 computer discs with 1.3 million Chicago voters' Social Security numbers have been distributed to aldermen and ward committeemen, and the whereabouts of at least an additional six CDs with the same information are unknown, according to the Chicago Board of Elections.
This follows a security lapse in October, when voters' Social Security numbers were available through the board's Web site. But unlike the Web site flaw, which was fixed in a few minutes, it will be difficult, if not impossible, for the board of elections to retrieve sensitive data physically scattered on more than 100 discs throughout the area.
The discs also contain voters' birth dates and addresses -- information that along with Social Security numbers can be used to commit identity theft.
The board said that, so far, there has been no evidence of identity theft as a result of the lapse, but that -- as required by state law -- it will be notifying voters their Social Security numbers may have been compromised.
The latest leak of sensitive voter information was uncovered by 43rd Ward aldermanic candidate and technology expert Peter Zelchenko, who also discovered the Web site security hole last October.
"This information must be on campaign computers and in desk drawers all over the city," said Zelchenko.
Zelchenko discovered voters' Social Security numbers on a so-called "Ward Work" CD, which is supposed to contain voter names and addresses and is given on request to anyone affiliated with an aldermanic campaign.
'Grave doubts'
The board claims that only Zelchenko and one other aldermanic candidate mistakenly received the sensitive data since 2003. But in investigating queries from the Chicago Sun-Times, board officials found out about the other 100-plus CDs, spokesman Tom Leach said. Social Security numbers were inadvertently included on those discs, which were created by the board in the wake of the 2003 fire at 69 W. Washington, where it maintained computers with voter records.
"We couldn't maintain our voter-registration system, so they downloaded the whole file for committeemen and aldermen," Leach said.
Records on the CDs contain information about 2.2 million active and inactive voters, but only 1.3 million of the records contain Social Security numbers.
"This is a security gap of the highest order, but whether or not it represents any danger is completely unknown," said DePaul University computer scientist Jacob Furst, who heads the university's Information Assurance Center. "But you've got a whole bunch of these discs laying around. ... I can imagine a whole bunch of awful scenarios."
And it worries Furst that the lapses occurred at an agency responsible for counting votes. "It would, in my mind, cast grave doubts on electronic voting," he said. "My sense is that these are people with the best of intentions, but (they) don't know enough about the possible consequences of using technology and so are making mistakes."
Audit may be sought
But Leach said that because electronic voting is heavily monitored and every vote generates a paper record, the results will remain secure. He added that the board likely is to ask accounting firm Grant Thornton to perform an audit of all of its computer operations.
The firm already is working on a report on the October 2006 Web site leak. Since October, complete Social Security numbers have been scrubbed from the election board's Web site. Zelchenko has set up another site, re4m.org, which registered voters can use to find if their Social Security or telephone numbers were exposed on these discs.