Smartmatic Vulnerability Had Been Exposed in 2017 Lombardy Referendum

Nov. 20, 2020 (EIRNS)—Four days before a consultative referendum was to be held in the Northern Italian region of Lombardy on Oct. 22, 2017, a hacker discovered and exposed a breach in the security system of the Smartmatic software used for the vote. Smartmatic was eventually forced to replace the software with another one.

Matteo Flora, one of Italy’s best-known cyber-experts and hackers, discovered on Oct. 18 that the Smartmatic software had a serious vulnerability. Flora entered the Smartmatic servers and found “virtual machines, installing scripts with open repositories ... the part related to vote counting ... certificates, readable certificates keys, certification authorities, deployment scripts on docker, user and passwords embedded in the scripts,” etc.

He immediately contacted the authorities, and Smartmatic defended itself saying that the data Flora had accessed were “not important.” The electoral authorities announced that they would no longer use Smartmatic Election 360 but “another software of the [same] company.”