1. Florida Politics
  2. /
  3. The Buzz

PolitiFact Florida: Tulsi Gabbard exaggerates in saying a kid hacked into a replica of Florida’s election system

The Democratic presidential candidate made the claim on a talk show.
Rep. Tulsi Gabbard, D-Hawaii [AP]
Published Jul. 3
Updated Jul. 8

After President Donald Trump joked with Russian President Vladimir Putin about Russia meddling in U.S. elections, a talk show host asked Democratic presidential candidate Tulsi Gabbard to respond.

Appearing on HBO’s Real Time with Bill Maher, Gabbard, a U.S. representative from Hawaii, told Maher:

“We have to take seriously the security of our elections because of the vulnerabilities that exist — still, now — that really have the ability to undermine our democracy. There’s a hacking conference that’s held every year in Las Vegas, where I think a 14- or 15-year-old girl from Florida hacked into a replica of Florida’s election system in less than 15 minutes.”

What we found is some indication of vulnerability — even if it’s not a direct threat to the voting system itself. At least one kid did do some quick hacking.

But two points are problematic for Gabbard’s claim.

First, there wasn’t hacking into a replica of the election system — but rather a website made to look like Florida’s Secretary of State website that reports preliminary election results. In other words, not the system that receives and counts actual votes.

And second, what was hacked into was not even a replica — as in an exact copy of the website — because it did not contain the proprietary security features that the Secretary of State website has.

As the National Association of Secretaries of State said at the time:

“While it is undeniable websites are vulnerable to hackers, election-night reporting websites are only used to publish preliminary, unofficial results for the public and the media. The sites are not connected to vote counting equipment and could never change actual election results.”

To support Gabbard’s statement, her campaign sent us two news articles about DEFCON 26, a hacking and cybersecurity event held in Las Vegas in August 2018. As part of the annual event, kids ages 8 to 16 could try to hack into what DEFCON described as replicas of election websites of 13 battleground states, including Florida.

One article said an 11-year-old boy hacked into the website that was made to look like the Florida Secretary of State’s website; and the other article said an 11-year-old girl hacked into one of the sites, but didn’t indicate which state. Both were done in under 15 minutes. (The home states of the kids were not named.)

As DEFCON said, the purpose was not nefarious: “By exposing the cyber vulnerabilities of these websites, young contestants will compete for prizes in a number of categories, including proposing the best plan to defend the Secretary of State websites from cyber attacks.”

But to be clear: While the websites might report election results and have other voting information, they are not used to receive or count actual votes.

One of the articles, from PBS Newshour, said an 11-year-old boy hacked into a version of the Florida state election website and changed voting results in under 10 minutes. And an 11-year-old girl tripled the number of votes on the same site in about 15 minutes.

In other words, hacking into a state’s election website could cause confusion if results were manipulated. But that is not the same as hacking into an election system and actually changing votes.

And with regard to how closely the hacked websites matched the actual websites, ProPublica published an article shortly after the DEFCON convention emphasizing that the websites hacked by the kids were not actual replicas of the state election websites.

“Instead, students were working with look-alikes created for the event that had vulnerabilities they were coached to find,” ProPublica said. “Organizers provided them with cheat sheets, and adults walked the students through the challenges they would encounter.”

Josh Franklin, an elections expert formerly at the National Institute of Standards and Technology and a speaker at DEFCON, was quoted as saying the websites were “fake.”

“When I learned that they were not using exact copies and pains hadn’t been taken to more properly replicate the underlying infrastructure, I was definitely saddened,” he said.

Similarly, reported after Gabbard’s interview that DEFCON organizers had given the participants “clones” of state election websites “with vulnerabilities inserted by the organizers. In particular, the sites were designed to be vulnerable to SQL injection attacks, one of the most ancient — and yet still very common — hacks ever.”

So despite news reports that used terms such as replica and facsimile, the hacked site Gabbard referenced was not a copy of the Florida site and did not contain the same security features. Moreover, the site that the hackers meant to target does not include the system that is used for receiving and tabulating actual votes.

Gabbard’s loose recollection could leave readers with the wrong impression about the vulnerability of Florida’s election system. We rate her statement Mostly False.

Read more rulings at


  1. Marijuana plants grow in a greenhouse environment in this room at the Curaleaf Homestead Cultivation Facility. This environment controls the amount of natural sunlight and artificial light the plants are exposed to, as well as the temperature. EMILY MICHOT  |  Miami Herald
    An Atlanta broker is listing one license for $40 million and the other for $55 million.
  2. Screenshot from Facebook. Facebook
    The claim comes from a widely shared Facebook post.
  3. The 12 Democratic presidential candidates in the next debate are, from top left, Joe Biden, Cory Booker, Pete Buttigieg, Julián Castro, Tulsi Gabbard, Kamala Harris, and, from lower left, Amy Klobuchar, Beto O’Rourke, Bernie Sanders, Tom Steyer, Elizabeth Warren and Andrew Yang. Los Angeles Times
    The field is still thick with 12 candidates set to debate Tuesday night. Here’s what to watch for.
  4. FILE- In this Oct. 11, 2018 file photo, rescue personnel perform a search in the aftermath of Hurricane Michael in Mexico Beach, Fla. A year after Hurricane Michael, Bay County, Florida, is still in crisis. Thousands are homeless, medical care and housing are at a premium, and domestic violence is increasing. Michael was among the strongest hurricanes ever to make landfall in the United States. This summer, county officials unveiled a blueprint to rebuild. Among their ideas: Use shipping containers and 3-D technology to build new houses and offer signing bonuses to lure new doctors.  (AP Photo/Gerald Herbert, File) GERALD HERBERT  |  AP
    Lawmakers today are discussing why nearly 12 percent of claims are still open.
  5. Rain from Tropical Storm Hermine and high tides flooded streets around Tampa last September. A new analysis projects that sea level in Tampa Bay could rise 5 to 19 inches by 2040. That is prompting local officials to look at plans to anticipate and cope with the changes. ANDRES LEIVA   |   Times (2016)
    “We lost a decade,’’ said Sen. Tom Lee, R-Thonotosassa.
  6. Florida Governor elect Ron DeSantis, right, thanks Lev Parnas on Tuesday, Nov. 6, 2018 in Orlando at the watch party for DeSantis. DeSantis defeated Democratic candidate Andrew Gillum. CHRIS URSO  |  Times
    A Tampa Bay Times photograph and a video posted by a Reuters reporter shows Parnas smiling with DeSantis amid the chaos of the watch party.
  7. Andrew Gillum.
    Sharon Lettman-Hicks, one of Andrew Gillum’s closest advisers, helped the Florida Democratic Party register new voters.
  8. Sen. Rick Scott, R-Fla. [DAVID SANTIAGO | Miami Herald]
    Scott’s received contributions from the two associates of Rudy Giuliani who were arrested last week.
  9. Emissions from cars and trucks are a major source of the greenhouse gases fueling climate change. An analysis by the New York Times found that air pollution from those sources has increased in the Tampa Bay area by 55 percent since 1990. [Times (2008)]
    Florida once had emissions inspections, but Jeb Bush ended them in 2000
  10. Trump National Doral resort in Doral. EMILY MICHOT  |  TNS
    Gov. Ron DeSantis, who was listed as a speaker Friday evening, appeared that night at the Republican Party of Miami-Dade County’s Lincoln Day Dinner, a well-attended gala also held at Trump National...