Established Fact
The Wisconsin Legislative Audit Bureau (LAB) determined that WEC issued 3,137 FIDO Keys – multi-factor authentication tokens for WisVote access – and “apparently does not know how many FIDO Keys they have actually issued.” At least one county received 15 FIDO Keys when it requested 2 and was told to retain unused keys “just in case.” Of 2,938 active keys at the time of audit, 1,929 (66%) were issued with full clerk-level access. WisVote contains sensitive personally identifiable information on every registered voter, including driver’s license numbers, partial Social Security numbers, dates of birth, and protected voter addresses. When the agency responsible for the state voter registration database – which contains voter history files – cannot account for all outstanding access credentials, it cannot certify that voter history entries were made only by authorized users.