The CEO of a firm that manages information associated with U.S. elections has been arrested amid allegations that his company improperly stored information on servers in China.
Eugene Yu, the head of software company Konnech, allegedly compromised information on hundreds of county election employees and is set to be extradited from Lansing, Michigan to Los Angeles, California, according to the LA Times.
“Konnech allegedly violated its contract by storing critical information that the workers provided on servers in China,” LA County District Attorney George Gascón said. “We intend to hold all those responsible for this breach accountable.”
Prosecutors said they learned of the data breach earlier this year through a “separate investigation.”
The separate investigation that led to criminal charges was launched by the nonprofit election integrity organization True the Vote after a massive trove of documents and information found by the organization raised suspicions about the security of U.S. elections. Researchers examining multiple technology providers made a discovery while probing companies that supply administration software to U.S. election agencies.
Investigators came across an IP address for a server belonging to Konnech, but records show that the server was actually located in China. Cybersecurity professionals discovered the server was completely unsecured with either no password, or the default password of “password,” and were able to access all data from the server without any type of brute force intrusion.
Researchers say they discovered the server contained records of nearly 1.8 million U.S. election workers with all of their personally identifiable information, including names, phone numbers, addresses and the names of their family members. The server even contained their personal banking records.
All of this sensitive information was transmitted from the U.S. and stored in China.
Investigators say the Konnech server also had details on where election machines were physically located, as well as floorplans of the buildings used around the country in U.S. elections.
Upon the discovery, True the Vote’s top priority was to get the information to federal law enforcement officials.
Catherine Engelbrecht, co-founder of True the Vote, told Timcast that when presented with the information from one of their researcher resources, Gregg Phillips, head of a company called OpSec which is contracted with True the Vote, said, “This is a national security threat. We’ve got to get this to the FBI.”
She described an intense period of time during which the organization believed the U.S. government would help them. Phillips traveled to meet with the FBI field office in Detroit, Michigan to share all of the source documents with federal officials. A digital copy of the sensitive information found on the server was provided directly to the FBI.
Despite having copies of the millions of records obtained from the company’s servers, the FBI declined to pursue an investigation.
“We operated in good faith, until they burned us,” Engelbrecht lamented. “And then we chose a very difficult decision, which was to go it alone. And we did.”
Since 2021, True the Vote has been smeared as a “conspiracy theory” operation, with Engelbrecht admitting her organization has been made “radioactive” by the mainstream establishment. But, following the discovery of the Konnech server, she vowed to press on, saying sitting on the sidelines is not an option.
“You had a very difficult choice to make,” she said. “We could just watch this continue and say nothing and watch midterms happen and know what’s going on, and that nobody is bold enough to do anything, or we could figure out another way.”
Despite stagnation by federal officials, the group continued their investigation, submitting Freedom of Information Act (FOIA) requests to try and determine how pervasive the data compromise was. Soon, they learned that not only did the FBI not follow through on an investigation into Konnech, but the Bureau had opened investigations into True the Vote.
Elgelbrecht and Phillips were shocked to find themselves the subjects of an investigation after providing hard evidence of Konnech’s alleged criminality to the nation’s top investigative body. However, the pair escalated their efforts to expose the information their organization had discovered.
In August, True the Vote organized an invitation-only event called “The Pit” just outside of Phoenix, Arizona, where journalists, election officials, law enforcement officials and other interested stakeholders would converge. The all-day event, which was livestreamed, featured detailed presentations of how the server was found, along with screenshots of its contents.
Weeks after the presentation at The Pit, Konnech filed a lawsuit against Engelbrecht and Phillips, alleging the pair attacked Yu with “racism” and “xenophobia” following the revelations of the company’s apparent ties to China.
The lawsuit says Yu has “no affiliation with the Chinese Communist Party whatsoever.” It does not, however, address the information published by True the Vote showing purported links to China.
Konnech’s court filing also disputes the claim that millions of records with personal information were found, and asserted — without evidence — that the only way their data could have been compromised was through a hack.
The filing states:
To be clear, however, all of Konnech’s U.S. customer data is secured and stored exclusively on protected computers located within the United States. Konnech controls access to its office, enters into confidentiality agreements with its customers and employees, and uses two-factor authentication, restricted access, and other security measures to control access to its protected computers. Only a select group of Konnech employees that have been provided with that two-factor authentication have authority to access the protected computers which contain poll worker data.
On Oct. 3, the New York Times published an article refreshing the mainstream “conspiracy theory” narrative against the beleaguered True the Vote.
The Times article featured a quote from an election board chair who said this is “a completely fabricated issue,” and used the word “conspiracy” on ten separate occasions.
Yet, the very next day corporate news outlets reported that Eugene Yu, Founder and Chief Executive of Konnech, had been taken into custody. The New York Times then reported that prosecutors “said its investigators had found data stored in China.”
NPR — which previously reported that Konnech had at one point added a “2022 Election Mis-information Advisory” to their website stating “Konnech has never stored customer data on servers in China” — acknowledged on the day of Yu’s arrest that the statement was “no longer visible on the company’s homepage.”
Engelbrecht told Timcast that because of the FBI’s inaction, her organization was forced to take the evidence to other law enforcement agencies who are actually interested in pursuing criminal charges. The Pit was the location where she made the announcement about which law enforcement agencies the organization would approach to consider opening investigations.
“It’s why at the Pit we published all the jurisdictions and we said, ‘We’re going to all these jurisdictions with this,’” she said.
Engelbreght added, “It is crucial to our national security that every impacted jurisdiction immediately take actions similar to Los Angeles County.”
And while more is to be learned about what actually happened during this episode where sensitive U.S. election-related information was discovered on a Chinese server, the one solid fact to which the public can now point is that a man has been arrested and is in custody in connection with the incident.