A candidate for class president at Berkeley High School in California was found to have hacked the online balloting process—voting early and often for himself. The school's default email password settings made it possible.
Large-scale voting fraud in a Berkeley High student government election has gotten two candidates disqualified and revealed a vulnerability in the district’s technology system.
No software hacking or Russian meddling was required.
A candidate simply logged into his classmates’ email accounts and cast hundreds of online votes for himself, according to administrators.
John Villavicencio, BHS director of student activities, first noticed a suspicious spike in support for two of the candidates running for student-body president and vice president a couple of days after the voting period opened in mid-March. Students were casting ranked-choice ballots via a Google Form accessed through district-provided Gmail accounts, and election administrators could observe the live results. The sudden influx of votes favoring these two candidates was blatant, Villavicencio said.