May 26, 2023
Dear Coffee County Voters:
Coalition for Good Governance (“CGG”) represents many Georgia voter members concerned about the security and reliability of the state’s touchscreen voting system in upcoming 2024 elections. Our fears have grown because of the state’s voting system security breach that had its roots in Coffee County putting all Georgia voters’ votes at greatly elevated risk. Our goal is to see the 2024 elections protected against electronic manipulation as well as false claims of vote rigging.
CGG and some of our Georgia members have been suing Sec. Raffensperger and the Georgia State Election Board since 2019 to have the Dominion touchscreens banned and to have the system secured (Curling v Raffensperger). In that federal lawsuit we discovered the massive breaches of Georgia’s voting system that were initiated in Coffee County in 2021. The information below was developed in that ongoing case.
We have three main purposes in writing Coffee County voters:
1) to share important information which may not have reached Coffee community leaders; (Sections 1 and 4 below)
2) to seek information from local citizens about unanswered questions behind the Coffee County breach – the largest known voting system breach in the nation’s history; (Section 2)
3) to alert you to upcoming information on how Coffee County voters can secure the upcoming fall municipal elections and 2024 elections. (Section 3)
The Coffee voting system breach continues to be in the national news. Read on to understand why.
Please share this summary with your friends who may be interested, or who may have information to share. We have tens of thousands of pages of additional documents available to share.
Section 1 – Background Information
Section 2– Unanswered Questions
Section 3—Security Solutions are Locally Available
Section 4 –Supporting Documents and News Sources
Section 1 – Background Information
Q: Trump clearly won Coffee County in 2020. Why does any of this matter now?
A: In January 2021, computer experts were paid by Trump advisor Sidney Powell to visit the Coffee elections office and copy the state’s voting system software without legal authorization. These operatives distributed Georgia’s software on the internet to many unauthorized individuals with no restrictions on its use.
Anyone possessing Georgia’s election software can use it to create bugs and viruses to infect the voting system in future elections, in ways that cannot be detected in Georgia’s touchscreen system. Bad actors can easily write, test, and perfect malware which even unskilled accomplices can use to plant vote-stealing viruses in the voting system for upcoming local, state or federal elections. No one knows how many people have been able to access the pirated copies of Georgia’s software to make and perfect their own viruses to use in future elections.
Q: Why would bad actors want copies of Coffee County software, given that Coffee has only a small number of voters?
A: Coffee, Fulton, Cobb, DeKalb, Chatham, and all Georgia counties have the same software. Pirating the software from Coffee is the same as grabbing Fulton’s software. No need to go to 158 other counties when there is “one stop shopping.” Coffee presented an easy entry point to make off with the entire state’s software.
Q: When did the breach (security failure) happen and what were they trying to do?
A: The full scope of the “software capture” mission is not fully known. There were at least three breach events in the Coffee office during January 2021, (January 7, January 18-19, January 25-29), by unauthorized actors who had their way with Georgia’s software, the voting computers, the central server, and ballots and memory cards from the January U.S. Senate runoffs. They left with copies of software and data. At one point, while in Coffee, they exchanged texts with their leaders stating the need to decide whether to try to “decertify the Senate runoffs, or wait for a bigger movement,” with the software and records they were taking from Coffee. (Many of us fear that 2024 is the “bigger movement” some bad actors want to manipulate.)
While in Coffee, the outside actors allegedly illegally opened the casing and inspected the computer parts, permanently damaging the machines. One allegedly made serious improper changes on the central server, causing it to produce inaccurate operating information. The improper changes were confirmed by our voting system computer experts. (See linked documents below.)
Q: If the breach occurred in January 2021 after the Senate runoffs, how could the software pirated from Coffee be used in future elections across Georgia?
A: The same software is used year after year for running the voting system, unless major upgrades are performed. The system is so complex, Secretary Raffensperger claims that no major upgrade can take place before 2025. The state’s software, once in the hands of the malicious actors, can be used to make malware to infect Georgia’s very vulnerable touchscreen system. Malware can be inserted via USB sticks into a few voting machines, or scanners, or a county’s central election server. This can be done with a few seconds contact with those machines. There are many points of attack for bad actors to direct even unskilled accomplices to plant the malware. When deployed, malware generally cannot be detected, even with extensive testing.
Sec. Raffensperger has stated that he has no plans to patch and upgrade the system until 2025, which is essentially telling bad actors they have free pass to plan to exploit the system in 2024 using the vulnerabilities verified by federal agency DHS/CISA.
Q: Who was involved in the Coffee voting system breach?
A: Numerous individuals and organizations from the Coffee County election office to the White House itself were apparently involved in planning and executing the breaches. We do not know all the people involved, but individuals seen on the security video recordings during the breaches include Cathy Latham (then Coffee GOP Chair), Eric Chaney (then Election Board member), Misty Hampton (then election supervisor), Ed Voyles (former Election Board Chair), four SullivanStrickler computer forensic professionals from Atlanta, Scott Hall (Atlanta businessman), Doug Logan (CEO of Cyber Ninjas), and Jeffrey Lenberg (security analyst from New Mexico). Many testified under oath about their visit to the Coffee office to obtain a copy of the voting system.
Be sure to read expert Kevin Skoglund’s report for details. Linked here and below.
The data and software were distributed to numerous individuals across the nation on a private internet file-sharing site controlled by SullivanStrickler, paid for by Sidney Powell.
Transcripts of witnesses’ depositions of the January 6th Committee investigation include numerous references to the discussions in Trump’s Oval Office on December 18, 2020 concerning the desire to obtain Georgia software. Coffee County was even mentioned (with inaccurate information) in the draft executive orders to seize voting machines – although the orders were not signed by then President Trump or executed.
Soon after the val Office meeting, a “written invitation” was reportedly arranged with Rudy Giuliani’s help to open the doors in Coffee.
Q: Why is the Fulton District Attorney investigating a local Coffee County breach?
A: We don’t know all the elements of DA Fani Willis’s investigation, however, voting software pirated in Coffee County puts Fulton voters and all Georgia voters at risk in future elections. Serious allegations of a wide-ranging conspiracy to improperly obtain the Georgia software include individuals stretching from Coffee County locals all the way to the White House through a network of numerous Trump advisors and attorneys. Some of the forensic experts who visited Coffee to copy the files are Fulton residents, and their business is based in Fulton, and some have reportedly testified to the Fulton Grand Jury.
Q: Wasn’t voting software stolen in Michigan and Colorado too? Why is Georgia different?
A: In those states, the unauthorized individuals who obtained and distributed the software are under criminal investigations or indictments. So far, there has been no accountability in Georgia for those involved. Also, touchscreens are the highly vulnerable components of the voting system that cannot be audited or adequately tested. Touchscreen use is quite limited in Colorado and Michigan, but all Georgia voters at the polling places must vote on vulnerable touchscreens. The risk of undetectable vote-stealing malware is far higher in Georgia than other states which primarily use hand marked paper ballots counted by scanners, and audit the outcomes. (Georgia ballots marked by touchscreens and printers and stored in QR codes, rather than marking votes by the voter’s own hand, cannot be audited to confirm what selection the voter actually marked in casting his vote.)
Q: Must Coffee taxpayers pay for replacement of the compromised voting system equipment?
A: Secretary of State Raffensperger has stated that the county must pay for replacement of the equipment that was handled by unauthorized actors. This is approximately 220 system components with an estimated bill coming to Coffee taxpayers of over $440,000. 85% of that estimate is replacing touchscreens with needlessly complex and vulnerable touchscreens. Absolute waste of your money!
Q: Didn’t the software belong to Coffee County, giving county officials the right to share it with others?
A: No. The software belongs to Dominion Voting Systems, and the State of Georgia licenses it from Dominion strictly for official use in Georgia elections. The contract prohibits copying and distribution except for official use on state equipment in county election offices. Also, Georgia laws prohibit anyone but the most senior officials from being in the central server room. The Coffee server room was turned over to the unauthorized outsiders.
Q: Shouldn’t voters have the right to test how the ballots were counted and verify whether the right winners were declared?
A: Absolutely, and that is the core principle of our long running federal lawsuit. (Curling v Raffensperger) Voters should always be able to verify for themselves that the right winners were declared. Reviewing copies of software is an almost useless way to test the election for inaccurate results. Instead, if ballots are hand marked by voters (like mail ballots), quickly tabulated by scanners, with meaningful tabulation audits checking adequate samples of the original ballots, any outcome-changing manipulation can be detected and corrected. We promote the principle that “Ballots must be voted in secret, but never counted in secret.” Only hand marked paper ballots serve that principle.
Q: Has any election actually been hacked after Georgia’s software was released from the 2021 Coffee County breach?
A: It is natural to want immediate evidence of electronic manipulation – but cybersecurity experts explain that when voting software is in the hands of bad actors, vote stealing malware can be designed to evade detection. The very serious permanent problem with Georgia’s touchscreen voting system is that it is generally impossible to know whether an election was electronically manipulated, because touchscreen ballots are not trustworthy records of the voters’ choices. Ballots hand marked in ink cannot be hacked and voters don’t need to test whether their ink pen marked properly – these are trustworthy ballots and are reliable for audits and recounts.
Touchscreen ballots cannot be protected from vote-stealing malware. Studies show most voters cannot reliably spot computer-printed errors in a long ballot, and very few voters try. And poll workers do not have good options for what to do when a voter reports a suspected problem with a touchscreen printed (BMD) ballot.
About 70% of Americans vote using hand marked paper ballots counted by scanner, because trustworthy ballots are required for verifiable election outcomes. Georgia lawmakers and Secretary Raffensperger chose to ignore what most of the nation has already learned from computer experts.
Q: Why is Georgia’s touchscreen system considered so easy to attack, and what does that have to do with the Coffee breach?
A: Once Coffee officials released the state’s software out to unauthorized actors, thousands of would-be attackers can use the software to create and test viruses and exploit one or more of the many paths into the state’s system to manipulate future elections, or simply create a time bomb that goes off on Election Day to shut down machines.
Georgia’s touchscreen machines were designed to help voters with disabilities mark ballots, and most states use them solely for that purpose, and most voters mark ballots with ink pens. The touchscreens were designed with accessibility as a priority, not widespread use where tight security is needed. In Georgia, even attacking a small number of locations can affect enough votes to change an election outcome.
Q: Secretary Raffensperger says the 2020 Presidential result in Georgia was confirmed by three separate counts, and we should trust the current voting system – is he wrong?
A: Trust is earned when the system generates a reliable ballot that unquestionably reflects the voters’ choices. Because most Georgia ballot choices printed by hackable computers are not verified by voters, recounting them (as was done in 2020) does not prove that the tabulated outcome reflects the will of voters. Computer experts agree that hand marked ballots are the only current method of voting that results in a verifiable election outcome. Most computer experts we know insist on voting their own ballots by hand, not touchscreen, because they understand the touchscreen dangers of manipulating their votes.
Hand marked ballots tabulated by scanners can be audited to verify the outcome. The 2020 election was primarily conducted with touchscreen (BMD) ballots, which leaves the election without a way know for sure the voters’ choice for any contested race on that ballot. We are asking that 2024 elections be conducted with a reliable hand marked balloting system, using current scanners and auditing the declared outcomes. (See Section 3 below.)
Q: Is there any evidence that the Coffee software has been used improperly by those who took it?
A: The Los Angeles Times reported that some people who obtained copies of the Coffee records made a presentationin Washington in March promoting false information about the Georgia system, claiming their source records came from Coffee files they showed they possessed. Such disinformation campaigns can be as harmful as actual hacking. While we are critics of the Dominion touchscreen system and asking the federal court to ban the mandatory touchscreen use in Georgia, we insist that the criticism be fact-based and tested by true experts in voting systems, not exaggerated and misstated for partisan purposes or to mislead voters.
Section 2 – Unanswered Questions
While we were permitted to conduct some limited discovery about Coffee’s voting system security breach in our lawsuit about election security, and have filed many public records requests, there are many unanswered questions left to resolve. We would like local citizens’ help to put together a more complete set of facts. Please let us know if you have information to help fill in the gaps. You may email us at CoffeeInfoCGG@gmail.comor text or call (704 292 9802) or send us a letter (even anonymously) to: CGG, P.O. Box 28097 Atlanta, GA 30358. Feel free to pose questions that you believe need answers.
Here are just a few of the dozens of unanswered questions:
1. When did the Secretary of State’s office first learn of the January 2021 breach? Did they have knowledge prior to the departure of Elections Director Hampton? Did they communicate with the Coffee County officials about what they knew?
2. Why did the Secretary of State keep changing his story about when he first learned of the breach? When Atlanta’s NBC station 11Alive interviewed Secretary Raffensperger in September 2022,he and his office couldn’t keep their stories straight on when he learned of the breach and what his investigators did. He changed his story multiple times, first saying that he learned just after the breach (Jan. 2021), and then his staff claimed instead it was May 2021 that he learned it, and that his investigators interviewed Hampton in May 2021. Hampton testified that they did not interview her concerning any of this. Raffensperger later said that the allegations of the breach first surfaced only in February 2022. Why so many changes of story of what he knew and when he knew it?
3. Why wasn’t Lenberg busted? On January 26, 2021, Sec. of State investigator Josh Blanchard walked in on Jeffrey Lenberg (a Cyber Ninja colleague), who was in Ms. Hampton’s office during the third January 2021 breach of the Coffee system. (Lenberg obtained data files, ballot scans, and changed time date and settings on Coffee’s voting system computers, which is a major security violation.)
Click the link below to see the video where Lenberg and Blanchard both end up in Hampton’s office together. Yet, not a word was mentioned by Raffensperger investigator.
Despite the fact that Lenberg had no authorization to access the equipment, SOS Investigator Blanchard appears to have done nothing, ignored this incident, and never reported it in his investigation of Coffee system security. Why would this be? (Also see question 9 below.)
4. When did Dominion first learn that their software was pirated in the breach? How did they react? There is nothing in the public record. The Secretary of State claims that Dominion has never written his office so much as a text message or email mentioning this massive breach that puts Dominion software at dangerous risk. It seems incredulous that no written communication exists between the SOS office and Dominion on what amounts to the largest known voting system breach in the nation’s history. Did Dominion communicate with Coffee lawyers about it? (Coffee attorneys say that all their emails from that period were likely destroyed in a cyber attack.)
5. When security videos were reviewed to document alleged discrepancies in Hampton’s hours in February 2021, how did officials explain strangers coming into the office with equipment, working with the voting system, and exiting with Hampton? These outsiders were coming and going at the election office 8 days during January 2021, sometimes leaving late with Misty. Did these hours of video footage capturing the visitors working with the voting system escape the notice of county management who tracked Hampton’s work hours down to the minute on worksheets, as the purported support to seek her resignation?
6. Who threatened Coffee County with legal action just before Ms. Hampton was asked to resign? On February 24, 2021 the night before Ms. Hampton’s resignation was requested, Board of Elections members were texting about a new lawsuit that was to be filed against Coffee County that had been communicated to County Attorney Tony Rowell. “Potential litigation” or “judicial actions” are on the executive session agenda for 2/25/21, but the board still will not disclose whether the threatened lawsuit was against the county, nor how they resolved it. This should not be secret information. Who was planning to sue Coffee election officials and why? How was this legal threat resolved? Why is this information hidden from Coffee County voters?
Photo: 2/24/21 text messages concerning new legal actions. Text exchange among Bd of Elections and Hampton before her resignation 2/25/21:
7. Did county officials know of the breach before dismissing Ms. Hampton? On February 25, 2021 a quorum of the Board of County Commissioners reportedly met secretly (without public notice) with the Board of Elections (whose meeting did have public notice) to discuss the termination of employment of Ms. Hampton and Ms. Ridlehoover. Georgia Sunshine laws require public notice anytime a quorum of board officials is together and discusses government business. Georgia law requires that any evidence considered in employee disciplinary actions be considered in public, not behind closed doors. Did any of the officials review the video to see the unauthorized visits before seeking Hampton’s resignation? Were they told about the video? Why was this secret meeting of commissioners held and the public kept in the dark?
County commissioners and election board members claim to have no records, emails, or text messages about the breach, this meeting or Ms. Hampton’s termination, despite state laws requiring officials to preserve such records. We are aware of certain records some officials did have, but did not produce under subpoena, denying they had such records.
8. Why do the county attorneys deny this secret commissioners’ meeting took place? For over 6 months, county attorneys have repeatedly denied that a quorum of commissioners met on February 25, 2021, although eyewitnesses and participants tell us that the closed-door meeting with the election board was conducted with the county attorney present. According to multiple eyewitness reports, Ms. Hampton’s resignation was discussed, and the county attorney was present, and the security video was available for officials’ review.
When Election Board Chair Wendell Stone was asked in the board’s May 2023 meeting whether the breach had a part in Ms. Hampton’s departure, and whether the commissioners were aware, Chairman Stone refused to answer. He claimed the board could not discuss personnel matters in public. (See 5/2/23 linked below.) That is not consistent with Georgia law that evidence is to be taken in public meetings regarding employee discipline.
Most recently, the county attorneys state that all of their firm’s emails from this period are likely gone because of a cyber attack.
9. Why did Mike Lindell fly into Douglas for a few hours the night Ms. Hampton was fired? Late on the night of February 25, Mike Lindell (My Pillow) flew into Douglas in his private jet and stayed for a just a few hours. His attorney Kurt Olsen had reached out to Misty Hampton, introducing himself the previous day seeking a conversation. Why was Mike Lindell contacting Ms. Hampton after the word began to get out that she would be terminated the next day? Who did Lindell see when he visited Douglas for a few hours late at night?
The trip started likely at Mar-A-Lago, went to Washington, and then on to Douglas late at night. Why?
10. Why didn’t SOS investigators find or report Cyber Ninjas’ visit to Coffee? On May 7, 2021, new election director James Barnes contacted Secretary Raffensperger’s office stating that he had found Cyber Ninja (Doug Logan) business card at Hampton’s computer. On May 11, SOS office began an “investigation.” Logan was widely known to have been attempting to obtain Georgia voting software since just after the election. But the Secretary Raffensperger’s investigation trail stops on the very day it began. Despite the fact that security videos show Logan spending January 18-19, 2021 in the Coffee office, which Logan later testified was spent “testing” equipment, SOS investigators did not pursue any inquiries, and did not request the security video recordings for that period. Why didn’t the SOS investigator pursue this concerning fact?
11. Why did the damning security videos take 20 months to surface? Four cameras of security video recordings in the Election Office (interior and exterior) for the period of mid-November 2020 until late February 2021 were preserved on the county server and used as basis for seeking Ms. Hampton’s termination based on hours worked. The videos showed the people involved in the three January 2021 breaches.
However, from March 9, 2022 until late September 2022, Coffee County attorneys repeatedly insisted in response to our subpoenas and public records requests that no such videos existed, although the truth is that thousands of hours of such video recordings existed in their possession on the county server. After the GBI began to seek those videos, the videos suddenly were “discovered,” with the exterior video existence disclosed to plaintiffs on August 26, 2022 and the interior disclosed on September 16, 2022, after the depositions had been taken, preventing our attorneys from asking deposition questions those videos generated.
Why did it take so long to “discover” the videos on the county server? Why did it take 3 weeks between the “discovery” of the exterior building video and the discovery of the interior video showing the participants at work, when both videos were on the county server? Did officials know all along that the damning videos were available but concealed them even under subpoena? The county’s IT contractor has refused to answer public records inquiries about this.
12. How can the loss of 9 years of all Ms. Hampton’s office emails be explained? Federal and state law requires all election records to be preserved for 22 months to 2 years. Official emails are required to be maintained as well for at least 2 years. Yet, after inquiries were made by SOS investigators to review Hampton’s emails related to Cyber Ninjas in May 2021, the emails were suddenly lost and disappeared. The excuse given was that the Coffee Microsoft Office 365 licenses were reassigned and it caused the loss of all election emails. It is not known whether the SOS investigators viewed the emails before they disappeared. We are asked to believe that this was just all strange coincidence.
13. Why was Eric Chaney permitted to serve on the Board of Elections with no inquiry after credible allegations surfaced of his involvement in permitting the copying of the software? Reporters contacted the county attorneys in early April 2022 with credible reports that Mr. Chaney had been present and helped facilitate Sidney Powell’s contractors copying of the voting system. Mr. Chaney denied knowledge or presence. We don’t know whether the attorneys informed the Board of Elections or the County Commissioners of the allegations, or whether the Board already knew from the February 2021 review of the video recordings. He resigned from the board on August 12,2022 just before his deposition on August 15. He pleaded the Fifth Amendment over 250 times during his deposition. Yet county officials took no action to investigate what had happened or the condition of their voting system. (Rachel Roberts, Election Director, did ask whether the system should be examined and recertified, which is exactly the right question. But she was apparently silenced by the county attorneys and Secretary of State.)
14. How did Ms. Hampton obtain a lucrative contract to program a Treutlen County election? In May and June of 2021, Ms. Hampton was engaged by Treutlen County to program machines and conduct a very small special runoff election and was paid $20,800 for 5 weeks of part time contract work. Such a rate is far more than her Coffee compensation or the market rate for such work. After providing improper access to Coffee’s voting system, why was she permitted to have access to voting system software again? Why was she paid an amount so far above the market rate? Why did Treutlen need this additional help for a tiny election? (Treutlen County is not answering and has no documentation of any of this other than Hampton’s invoices.)
Interestingly, her work for Treutlen took place about the same time that some people involved with the Coffee voting system copying flew her to Michigan to work with them on further testing of the system copies and data they improperly obtained in Coffee.
More…
Many more questions have been swirling for months, which we’ll toss out there in a follow up email if it seems that this method of communication is an effective way to get answers.
Section 3-Election Security is Workable and Saves Money
If Coffee County voters want to see the upcoming Douglas November municipal elections and the 2024 elections secured, the solutions are easy and within the control of the Coffee Board of Elections. Our next update will cover the simple steps that need to be taken to do so. Savings of thousands of taxpayer dollars will be a positive by-product of a more secure election process.
We will also explain why the voting system equipment “replacement” that Secretary Raffensperger undertook in September was ineffective and merely a “feel good” exercise, which may cost the county several hundred thousand dollars.
The county election board, (or at least Chairman Stone), seems to misunderstand and misrepresent the current failed security of the system, giving false assurances to voters about election security. (See video of May 2, 2023 meeting linked below.) We will explain why the system is not secure and Mr. Stone’s statements should not be relied on regarding the safety of the system or the value of past “audits.”
To receive our follow up email, email us at CoffeeInfoCGG@gmail.com or text your email address to 704.292.9802.