Photo: John Bazemore (AP)

Two days before Georgia voters headed to the polls last month to decide between Democrat Stacey Abrams and Republican Brian Kemp in the gubernatorial race, Kemp, who was secretary of state, pulled a brazen stunt that seemed ludicrous at the time.

Kemp’s office announced that it was opening an investigation into the Georgia Democratic Party following “a failed attempt to hack the state’s voter registration system.” In a vague statement offering no evidence, Kemp’s office ominously warned that “the Department of Homeland Security and Federal Bureau of Investigation were immediately alerted.”

Now, an investigation by The Atlanta Journal-Constitution is officially calling bullshit on those claims.

Per the report:

It was Nov. 3, a Saturday, 72 hours to Election Day. Virtually tied in the polls with Democrat Stacey Abrams, Kemp was in danger of becoming the first Georgia Republican to lose a statewide election since 2006. And, now, a new threat. The secretary of state’s office had left its voter-registration system exposed online, opening Kemp to criticism that he couldn’t secure an election that featured him in the dual roles of candidate and overseer.

But by the next day, Kemp and his aides had devised one solution for both problems, an investigation by The Atlanta Journal-Constitution shows.

Advertisement

Six weeks later, the newspaper concluded: “It appears unlikely that any crime occurred.”

The Journal-Constitution interviewed security experts, political operatives, and lawyers, and reviewed court and public documents to determine whether the accusation had any merit. By all appearances, it did not.

Advertisement

Kemp narrowly won with a final vote tally of 50.2% in the state’s closest gubernatorial race in decades.

“It was an extraordinary abuse of power,” Rebecca DeHart, executive director of the Democratic Party of Georgia, told the newspaper.

Advertisement

When the newspaper attempted to obtain documents related to Kemp’s “investigation,” his office claimed attorney-client privilege.

“I think they got desperate and felt like they just had to make something up,” the Abrams campaign’s director of strategic communications said.

Advertisement

What appears to have happened, according to the investigative report, is that a Georgia voter with a background in software development logged on to the secretary of state’s My Voter Page to check his registration information. While there, he found “two significant security flaws”: one allowed users to download any file on the system, and the other allowed users to “download anyone’s data,” including personally identifiable information.

According to the Journal-Constitution:

Computer security experts said both flaws would have enabled a hacker to delete any voter’s registration or to make changes that might render a voter ineligible. The experts also said hackers could have systematically targeted large numbers of voters who belonged to certain minority groups or those who appeared to favor one political party over another.

Advertisement

The man who discovered all of this sounded the alarm by alerting a good-governance group and the voter-protection hotline at the Georgia Democrats’ headquarters, according to the report. That was how the Democrats became involved.

Eventually, lawyers representing the secretary of state were notified of the security vulnerability. And you can guess what Kemp did with that information. (One thing he didn’t do is notify the State Election Board, the newspaper said.)

Advertisement

Per the report:

About the same time, Kemp’s campaign released its own statement, claiming that Democrats had attempted “a fourth-quarter Hail Mary pass that was intercepted in the end zone.”

“These power-hungry radicals should be held accountable for their criminal behavior,” the campaign said.

The two statements shaped the narrative of the final hours before Election Day.

Read the entire report.