Berkeley High student tried to rig his own election, exposing flaw in district's cybersecurity

[InfoSec News <alerts () infosecnews org>]

https://www.berkeleyside.com/2019/04/09/berkeley-high-student-tried-to-rig-his-own-election-exposing-flaw-in-districts-cybersecurity

By Natalie Orenstein
Berkeleyside
April 9, 2019

Large-scale voting fraud in a Berkeley High student government election has 
gotten two candidates disqualified and revealed a vulnerability in the 
district’s technology system.

No software hacking or Russian meddling was required.

A candidate simply logged into his classmates’ email accounts and cast hundreds 
of online votes for himself, according to administrators.

John Villavicencio, BHS director of student activities, first noticed a 
suspicious spike in support for two of the candidates running for student-body 
president and vice president a couple of days after the voting period opened in 
mid-March. Students were casting ranked-choice ballots via a Google Form 
accessed through district-provided Gmail accounts, and election administrators 
could observe the live results. The sudden influx of votes favoring these two 
candidates was blatant, Villavicencio said.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_