Screenshot of EAC internal site, obtained by Recorded Future

According to Recorded Future, a hacker going by the name Rasputin was trying to sell an unpatched system vulnerability, and it identified more than one hundred logins that were compromised. The hacker apparently used an SQL injection to obtain the list of logins and passwords that were eventually cracked. With that kind of access, someone could access testing plans and results for various voting machines. The EAC does not store voter's personal information or vote totals.