Arizona

Established Fact The EMS server’s Windows Security Event Log was configured with a maximum retention size of 20 MB and set to automatically overwrite older entries when full. As a consequence, the earliest log entry preserved at the time of forensic audit was dated February 5, 2021 – not November 3, 2020. Every access event,

Established Fact The credentials (usernames and passwords) for all EMS server components – EMS workstations, adjudication workstations, HiPro scanners, and ICC workstations – were created during the Dominion software installation on August 6, 2019, and were never changed from that date through the delivery of systems for forensic audit following the 2020 election: a period

Established Fact The Dominion EMS server’s operating system and antivirus software were not patched or updated after August 6, 2019 – the date of initial installation – leaving the system exposed to all known exploits disclosed during the subsequent 14 months before the November 2020 election, including the entire pre-election deployment period. More critically, Dominion

Established Fact The Cyber Ninjas audit confirmed as an established fact that Maricopa County did not possess the administrative iButtons required to independently access, configure, or validate its Dominion tabulation systems. Only Dominion Voting Systems held these tokens. The Senate cover letter stated: “No private company should be trusted with the keys to our democracy.

Established Fact The Cyber Ninjas audit documented that a single, identical password was used for all user accounts on all EMS, EMS client, adjudication, HiPro scanner, and ICC workstations – credentials installed by Dominion during the August 6, 2019 system installation and never changed through the date of the audit, a period exceeding two years