Election surveys sent by MyPillow CEO-linked group prompt FBI referral
White powder isn't the only strange thing that has been sent to election officials across the country this season.
A series of emails sent by a group led and funded by MyPillow CEO and election denier Mike Lindell have been referred to the Federal Bureau of Investigation, according to federal officials, after election officers across the country began finding what they said were misleading email messages. Those emails included a survey asking for, among other things, sensitive personal information from those tasked with overseeing the voting process and details about their offices' cybersecurity systems. The messages explained the group was looking to help boost the nation's election integrity.
In an early September email to local election officials, obtained by ABC News, Lindell's "Election Crime Bureau (ECB)" said the group was "investigating what steps have been taken" across the country to "ensure the security of the upcoming 2024 election." The email asked recipients to take a survey about the Center for Internet Security (CIS), a nonprofit focused on cybersecurity that has been working with election offices to prepare for next week's election and subsequent vote counting.
The survey asked if recipients have a "membership agreement" with CIS and its Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), an initiative funded by the U.S. Department of Homeland Security to protect local election offices. It also asked for recipients' home addresses, what network and endpoint cybersecurity protections they had installed, and if those protections had been "provided by" CIS.
Within two hours of finding out about the survey, CIS put out an alert warning that its Cyber Threat Intelligence team had "received multiple reports" of the "Misleading Email to Election Officials" that could falsely "lead a recipient to believe" the note was from their EI-ISAC. The group recommended that staff "not click on any links in these emails or respond to them," and report any suspicious emails to their Security Operations Center.
CIS said it also notified the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), the branch of the Department of Homeland Security that is working with local election officials to safeguard the election.
CISA referred ABC News to the FBI for comment, which declined to do so.
Acting fast was a "top priority" to counteract any confusion sewn by the missives, Marci Andino, vice president of the EI-ISAC at CIS, told ABC News – not to mention the possibility of a phishing or swatting attempt.
"We are here to increase the cyber security posture of election officials," Andino said. "There's no legitimate reason why you would need their home address. They feared that they were being set up for swatting."
In the dynamic and toxic threat environment in which the election is occurring, the survey's attempt to harvest details about elections' cybersecurity protections was also eyebrow-raising to election officers.
"That was a red flag for members," Andino said – since revealing how a given county protects its system could also help a potential malicious actor ferret out the vulnerabilities.
Poll workers and election staff around the country have been receiving threats of physical violence and in many locations have had to undergo security training.
"I'm not sure if the questions in that survey crossed the line or not, but either way I'm not excited about information like that getting out to the public," said Joseph Kirk, the election supervisor in Bartow County, Georgia. He had received the ECB survey – it had landed in his spam folder.
"We're a little more protective of our home addresses than we used to be," Kirk said. "And just as far as security, we don't want to give anyone a playbook for what they'd have to defeat to get into our networks."
"If somebody was not thinking and they gave out that information – that's like giving the code to your election's front door," Andino said.
EI-ISAC has received reports from 58 of its members so far, according to CIS. Some reports indicated that multiple people in their department received the email, or they were aware of other offices receiving it. Ohio's Secretary of State, for example, reported that they were tracking 93 emails that had been sent to various county boards of elections, according to CIS.
Lindell told ABC News he's "not involved in the day-to-day" operations of ECB so he didn't know "what was sent out." But in a telephone interview, he said "there was nothing done wrong with that survey," and that the FBI had not reached out to him. Lindell also accused the media of "doing a hit job on the Election Crime Bureau."
"I want to get rid of the electronic voting machines, and you should care about it too. There's nothing wrong with the survey," Lindell said, adding they have "plenty of lawyers that look at everything we do."
Lindell has pushed false and unsubstantiated claims that voting machines were manipulated to steal the 2020 election from Donald Trump. Espousing those conspiracy theories, which have been widely debunked, has embroiled the MyPillow CEO and others in defamation lawsuits from voting machine companies like Dominion Voting Systems and Smartmatic. Lindell has denied wrongdoing. In February, a federal judge affirmed a $5 million arbitration award against Lindell, siding with a software engineer who challenged data that Lindell said proves China interfered in the 2020 election in favor of President Joe Biden.
Lindell referred specific questions to Patrick Colbeck, chief operating officer at Lindell Management.
Colbeck in an email said the distribution list they used to share the survey was "obtained from publicly available data regarding government bodies," and the surveys were sent to "as many [election officials] as possible."
He said there was nothing nefarious about the effort and the goal of requesting personal and membership information was to "inform government officials about CIS organization and its operations" and to cross-reference respondents with prior years' membership lists. ECB's survey, Colbeck said, had "received a high rate of opening."
Like Lindell, Colbeck said ECB had not been contacted by law enforcement about the surveys.
"If they do, much as with any organization committed to the integrity of our elections, we will be happy to share our concerns with the Center for Internet Security as well as other [organizations] which we believe compromise the integrity of our election system," Colbeck said.
Colbeck said the alert about their survey was "obviously intended to frighten government officials away from investigating CIS operations." He suggested the warning about ECB's potentially misleading survey itself was "disinformation," and "the body of the email was clearly branded with the ECB logo."
Even after CIS' September alert, ECB's emails continued. In early October, ECB sent another, obtained by ABC News, which urged any recipient who "is a member of the EI-ISAC or has signed an agreement with the CIS" to click on their "ECB Advisory for more information on the risks inherent with their censorship of important election information and the activities of the [Election Integrity Partnership] as a whole."
Election officials have been thrust into the midst of an overheated public discourse and an unprecedented threat environment both in the real world and online, while safeguarding an election likely to be ligated — even as some still maintain unfounded yet enduring doubts about the legitimacy of the last one. And in the grander scheme, experts say, it's not just one day in November at issue when it comes to warding off potential threats.
Recent bulletins from the Department of Homeland Security's Intelligence and Analysis division have warned of violence that could grow out of anger, extremism and conspiracy theories associated with the general election – describing a toxic brew in which bogus conspiracy theories and public incitements merge with fake imagery and fraudulent information in what's become a heavily armed, highly polarized nation.
"Accusations of fraud by notable figures with incitements to action or circulation of viral images or videos purporting to show fraud could further exacerbate the threat environment," DHS said. The threat environment could particularly escalate in the event of a contested or close election, as well as variations in state election laws or unforeseen events impacting the release of results, or technological or administrative errors impacting vote counting processes.
"We're really concerned about threats going right up until the inauguration, so it won't end on Election Day," Andino said. "It's not going to end when polls close. It may only be getting cranked up then."
The 2024 presidential election marks the first since the Jan. 6, 2021 insurrection at the U.S. Capitol, when rioters clashed with Capitol police at a rally to contest the certification of the 2020 results. It will offer the first stress test of new systems and guardrails that Congress put in place to ensure America's long tradition of the peaceful transfer of presidential power.
This year's voting process punctuates months of election officials at every level of government weathering a maelstrom of misinformation and threats of bodily harm — from swatting attempts and bomb threats to suspicious white powder sent to numerous Secretary of States even as the first early ballots were set to be cast.
Federal law enforcement has for months warned that this election is likely to face a complicated array of threats, from voter manipulation to physical violence — and for months, authorities have been gaming out how to handle them.
Foreign actors will likely be all too eager to amplify false narratives in the period after the election day, to sow doubts about the security of the election, according to national security officials — with influence operations expected to continue through Inauguration Day, according to a DNI official who briefed reporters earlier this month.
"The IC assess says that even after the polls close, the goals of foreign actors, particularly Russia, Iran and China, toward the election will persist and they will remain committed to trying to undermine U.S. democracy, stoke societal unrest and position their preferred candidates," according to an official with the Office of the Director of National Intelligence.
As multiple wars and political violence rage overseas, at home, partisan tensions already at a fever pitch have played out on a campaign trail mile-marked by toxic rhetoric and hyperbole. In addition, hate speech, misinformation and disinformation are running rampant on social media, and rapidly evolving technology remains vulnerable, experts say.
Colbeck shrugged off the idea that in an era pervaded by cyber hacks and compromised data, some officials might be leery of sharing their information.
"We didn't do anything wrong and you can take that to the bank," Lindell said. "I just want to help save our country."