I may have stumbled upon a problem that could disenfranchise voters and cause havoc with our election.

With publicly available information online and the state voter resources, I believe it is possible to change residents' voter registration without their knowledge & consent. I can imagine multiple scenarios where this could be problematic—like, having tens of thousands of voters having to fix their registration on Election Day after arriving at the polls. Some voters might be unable to vote before the polls close from this physical Denial of Service Attack. I'm not sure how voting district changes might affect absentee ballots, but I think that may be an issue.

For example, if an attacker, with nearly zero resources, was to target you - the information they would need is:

(All information gathered from Facebook, voterrecords.com, and higherprogrammer.com's Michigan driver's license calculator).

Check Voter Registration & Absentee Ballot Status -https://mvic.sos.state.mi.us/Voter/Index/

First Name: Last Name: Birth Month: Birth Year: ZIP Code:

Update Voter Registration: https://mvic.sos.state.mi.us/RegisterVoter/Index

Full name: Michigan driver's license or state ID number: Birthdate (mm/dd/yyyy): Eye color: Social security number (last four digits):

While the last 4 of your social security number is not publicly available on the internet - an actor might have access to it through other means. For example, the Equifax breach in 2016 that exposed 143 million consumers driver license numbers, social security numbers, and more.

Even without knowing your SSN & Eye color, a computer program can run through all possible combinations in seconds.

For an attacker with serious resources, like state-sponsored hackers, this would be trivial.