Democratic lawmakers have pressed DHS for months to tell states if they were targeted as part of what intelligence officials said was a Kremlin-ordered campaign to undermine the 2016 U.S. elections. | Getty States finally find out: Did Russian hackers target them?

The Department of Homeland Security on Friday notified the 21 states it says Russian government hackers tried to breach during the 2016 election, ending a monthslong standoff with critics who wanted the agency to open up about its findings.

As of late Friday, all 21 states targeted states had confirmed the hacking attempts. But no new states came forward to say they had been breached.


There didn't seem to be any immediate pattern to the targeted states. They were red, blue and purple and geographically dispersed from Florida in the Southwest, to Texas in the South, to Minnesota in the Midwest, to Oregon in the Northwest.

And while some predictable swing states like Ohio were among those targeted, other seemingly prime targets like Michigan were spared, according to those states.

Morning Score newsletter Your guide to the permanent campaign — weekday mornings, in your inbox. Email Sign Up By signing up you agree to receive email newsletters or alerts from POLITICO. You can unsubscribe at any time. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

In total, a DHS official said only a few networks were successfully breached, and none of those networks involved vote tallying. It was previously known that Arizona and Illinois had their voter registration systems digitally infiltrated during the election. POLITICO did not hear from any other states that said their election systems had been compromised.

“DHS notified the Secretary of State or other chief election officer in each state of any potential targeting we were aware of in their state leading up to the 2016 election,” DHS spokesman Scott McConnell told POLITICO.

Alabama, Alaska, California, Colorado, Connecticut, Delaware, Iowa, Maryland, Minnesota, North Dakota, Oklahoma, Pennsylvania, Virginia, Washington and Wisconsin were the other subjects of potential targeting, according to those states and the Associated Press.

In many states, officials told POLITICO that the targeting amounted to very little — often passing attempts to scan systems for vulnerabilities.

“DHS reported to us an incident. However, it lasted less than a second and no security breach occurred," said Sam Rossi, press secretary for the Ohio Secretary of State. "Nothing.”

For many states, the information was comforting reassurance that they hadn't missed some troubling digital malfeasance during the heat of the campaign.

"We're glad we finally got the full picture of what [DHS] knew and what kind of information they had since last October," said Sam Taylor, communications director for the Texas Secretary of State.

Taylor told POLITICO that Russian hackers had apparently gone after the Secretary of State's public-facing website, which doesn't host any voter registration information. If digital meddlers get access to voter rolls, they can manipulate or delete data, causing chaos on election day and potentially suppressing certain people's attempts to vote.

"It’s definitely a relief to know that nothing was compromised," Taylor said.

Democratic lawmakers had pressed DHS for months to tell states if they were targeted as part of what intelligence officials said was a Kremlin-ordered campaign to undermine the 2016 U.S. elections. The department resisted, saying it regularly kept victim information secret when it worked with partners in various critical infrastructure sectors, such as banking or health care. But on Friday, DHS relented.

“Recognizing that state and local officials should be kept informed about cybersecurity risks to election infrastructure, we are working with them to refine our processes for sharing this information while protecting the integrity of investigations and the confidentiality of system owners,” McConnell said.

“We will continue to keep this information confidential and defer to each state whether it wishes to make it public or not,” he added.

Critics of DHS' delay welcomed the move. But they did not ease up on their condemnation of how the agency had handled the situation.

"It's unacceptable that it took almost a year after the election to notify states that their elections systems were targeted, but I'm relieved that DHS has acted upon our numerous request," said Virginia Sen. Mark Warner, the Intelligence Committee's top Democrat, who is helping lead the Senate's investigation into Russia's election meddling.

"We have to do better in the future," he added. "Our elections are the bedrock of our democracy, and DHS needs to notify states and localities in real-time when their systems are targeted."

DHS officials first revealed the total number of states that were targeted during a hearing in June.

In addition to probing state election systems, U.S. officials say Russian hackers are responsible for stealing and strategically leaking internal documents from the Democratic Party and Hillary Clinton's campaign in an effort to help elect President Donald Trump.

Tim Starks contributed to this report.