Georgia election officials withheld evidence in voting machine breach, group alleges

A filing accuses county election officials of withholding records related to unauthorized copying of voting software by Trump allies in 2021.
Local resident Cierra Johnson (L) and her daughter Reniya Weekes (2nd L) hold signs to encourage people to vote early outside a polling station on November 29, 2022 in Atlanta, Georgia. A nonprofit suing the Coffee County Board of Elections claim the board withheld emails and security camera footage relevant to a 2021 breach of voting machine software and other election systems. (Photo by Alex Wong/Getty Images)

A Georgia-based nonprofit that is suing the Coffee County, Georgia Board of Elections over an alleged breach of voting software weeks before President Joe Biden was sworn into office is asking a judge to sanction officials involved in the case, saying in new court filings that they repeatedly stonewalled and withheld crucial evidence during discovery.

In a 274-page filing submitted Tuesday, the group claims that Coffee County election officials withheld emails outlining what they knew about the alleged breach, relevant communications between the board and a lawyer associated with “Stop the Steal” legal efforts to overturn the 2020 presidential election, and security camera footage of forensic experts visiting the Coffee County office where voting software was copied.

“There is no doubt that there is a compelling public interest in the timely, reliable, and accurate production of evidence related to the Coffee County breaches — an interest [the board] and its counsel attempted to frustrate at every turn,” the motion claims.

The Coffee County breach, part of a multi-pronged effort by the Trump campaign and affiliated lawyers to identify evidence of hacking or election fraud in the wake of losing the 2020 presidential election, is considered one of the most serious breaches of voting equipment in recent memory. 


Cybersecurity experts have expressed concerns that the spread of unauthorized copies of the software and other election tools obtained by individuals linked to Trump’s effort to overturn the 2020 election may make it easier for bad actors to study or exploit vulnerabilities in future elections.

In 2019, Georgia signed a contract with Dominion Voting to deploy voting machines statewide that use software copied in the Coffee County breach. Last year, Georgia Secretary of State Brad Raffensperger approved an updated version of Dominion voting software to be piloted in five municipal elections, in an attempt to improve voting machine security. But according to the Atlanta Journal Constitution, the state does not plan to roll out those updates statewide until after the 2024 election.

The group behind the lawsuit, the Coalition for Good Governance, is asking a Georgia court to sanction and compel the board to pay its legal costs. The requested amount is $683,000, but a lead member of the group said in an interview that total legal costs involved in the effort will end up closer to $1 million.

Marilyn Marks, the group’s executive director, told CyberScoop they were asking the court for sanctions relief because they believe the Coffee County Board of Elections obstructed, concealed and withheld evidence that materially impacted the depositions of multiple board members and unindicted co-conspirators associated with the alleged breach.

“The judge is going to have to look really closely at this,” Marks said. “This cannot be in the public interest — to allow law firms and public bodies to try to conceal crimes of this nature.”


The complaint includes a copy of a letter that attorney Preston Haliburton sent to Coffee County BOE officials Misty Hampton and Eric Chaney in December 2020. It’s believed to be the earliest known communication between outside parties and Coffee County officials leading up to the breach, though the existence of the letter was previously discovered through follow-up responses and communications from the board, according to Lawfare.

The letter, framed as a public records request, asks officials to turn over mail-in absentee ballots and electronic copies of ballots that were counted or discarded during the 2020 presidential election. That eventually led to forensic experts from the Georgia IT consulting firm Sullivan Strickler visiting Coffee County offices, where they scanned and took copies of the county’s voting software and equipment, including tabulators, ballot marking devices, election management servers and poll pads.

Haliburton — who has also represented Rudy Giuliani and Cathy Latham, a former GOP chair for Coffee County who was indicted last year for serving as one of Donald Trump’s fake electors — shared phone and email contacts for himself and another Georgia attorney, Robert Cheeley, and the pair coordinated inspection and analysis. 

Cheeley, Giuliani, Hampton and Latham were also indicted in Fulton County, Georgia on charges of racketeering and attempting to unlawfully overturn the outcome of the 2020 presidential election. According to depositions in the case, the trip to Coffee County was directed by former Trump attorney Sidney Powell, who was also indicted in the Fulton case.

According to the motion filed by plaintiffs, for months Coffee County officials and their counsel withheld records of email communications from Hampton and security camera footage, denying the records existed until they were explicitly requested by the Georgia Bureau of Investigation, whereupon the footage and a desktop image containing records of the emails were turned over to the plaintiffs.


Kevin Skoglund, a technical expert hired by the Coalition for Good Governance, submitted testimony saying that an examination of the desktop image revealed that the offline Microsoft Outlook data files containing the emails “were exactly where any IT professional would expect to find them and easily discovered by anyone who put in a small amount of effort to search for them.”

The plaintiffs claim their initial discovery plan for the trial would have been “quite different and more efficient given the information disclosed by the videos” alone.

“Months of painstaking unnecessarily inefficient investigation and discovery efforts by Plaintiffs ultimately revealed that CCBOER’s assertions regarding the Videos and other records (especially Hampton’s emails) were false and misleading and exposed a pattern of misrepresentation and obstruction, prejudicing Plaintiffs’ litigation and the public policy interests underlying it,” the motion reads.

Although the breach dates back to 2021, neither the Georgia Bureau of Investigation or federal law enforcement have brought formal charges against any of the parties allegedly involved.

Requests for comment sent to the Coffee County Board of Elections and Sullivan Strickler were not immediately returned.    

Derek B. Johnson

Written by Derek B. Johnson

Derek B. Johnson is a reporter at CyberScoop, where his beat includes cybersecurity, elections and the federal government. Prior to that, he has provided award-winning coverage of cybersecurity news across the public and private sectors for various publications since 2017. Derek has a bachelor’s degree in print journalism from Hofstra University in New York and a master’s degree in public policy from George Mason University in Virginia.

Latest Podcasts