In December 2016, Georgia secretary of state Brian Kemp accused the Department of Homeland Security of attempting to hack his office's systems, which include the Georgia voter registration database. Six months later, the DHS inspector general concluded that the allegations were unfounded; someone on a DHS computer had simply visited the Georgia Secretary of State website. Now, two days before an election in which Kemp himself is the Republican candidate for governor, he has levied similarly unsupported charges—this time against his democratic opponents.

The Georgia Secretary of State’s office released a short statement on Sunday morning that it had opened an investigation into the Democratic Party the previous evening, “after a failed attempt to hack the state's voter registration system.”

The Democratic Party of Georgia sharply denied the accusations in a statement to reporters. “Brian Kemp’s scurrilous claims are 100 percent false, and this so-called investigation was unknown to the Democratic Party of Georgia until a campaign operative in Kemp’s official office released a statement this morning,” wrote Rebecca DeHart, executive director of the state’s Democratic Party. “This is yet another example of abuse of power by an unethical Secretary of State.”

Kemp’s office said it has alerted DHS and the FBI. A DHS official told WIRED in a statement that, “The State of Georgia has notified us of this issue. We defer to the State for further details.” The National Association of Secretaries of State declined to comment on state-specific investigations.

"Kemp is redirecting his administration's failure to secure state infrastructure to his opponents." Jake Williams, Rendition InfoSec

While anything is possible, Kemp's claims seem unlikely on their face, especially when you parse what little information his team has provided. “We opened an investigation into the Democratic Party of Georgia after receiving information from our legal team about failed efforts to breach the online voter registration system and My Voter Page,” his office said in a statement. “We are working with our private sector vendors and investigators to review data logs.”

A legal team seems like a surprising source for the discovery of a hacking attempt, and the fact that security teams then began reviewing the logs makes whether any suspicious activity was actually seen an open question. Kemp’s office did not provide any information about the alleged attack, or when it purportedly occurred.

“While we cannot comment on the specifics of an ongoing investigation, I can confirm that the Democratic Party of Georgia is under investigation for possible cyber crimes," Georgia secretary of state press secretary Candice Broce wrote in a statement. Not sharing details of an investigation is a common practice, but that supposed restraint apparently did not apply to the direct, vocal accusation of Kemp's Democratic opposition.

In his dual role as Georgia secretary of state and gubernatorial candidate, Kemp wields tremendous influence and faces monumental conflicts of interest. Over the past year, for instance, Kemp purged more than a million voters from Georgia’s rolls and has backed restrictive voter ID laws. On Friday, a federal judge determined that Kemp's "exact match" policy, which required that a voter's name on the roles perfectly mirror that on their identification, was likely to infringe on voting rights, and issued a preliminary injunction allowing impacted people to simply show proof of citizenship to a poll worker before voting.

Under Kemp's watch, Georgia is also one of only five states that still uses electronic voting machines that do not generate a voter-verified paper backup—meaning there is no auditable alternative accounting of votes aside from the digital record. Kemp has resisted finding the funding to replace the machines, and was one of only about 11 top election officials who declined assistance from DHS to secure election infrastructure in the wake of the 2016 presidential election. Georgia’s digital election infrastructure has had numerous vulnerabilities and data exposures while Kemp has been in charge.