Neon Nettle
© 2023 Neon Nettle

Subscribe to our mailing list

Advertise Contact About Us Our Writers T&C's Privacy Support Us © 2023 Neon Nettle All Rights Reserved.

Arizona Election Audit Recovers Allegedly Deleted Files in Maricopa County

Cyber expert successfully restores missing files, allegedly deleted from server

 on 19th May 2021 @ 3.00pm
the 2020 election results in maricopa county are undergoing a forensic audit © press
The 2020 election results in Maricopa County are undergoing a forensic audit

The team conducting the forensic audit of the 2020 election results in Arizona has successfully recovered files that were allegedly deleted from the county's server.

A cyber expert working on the audit team in Maricopa County testified before the state Senate on Tuesday that he was able to restore an allegedly deleted directory from the server's database.

The files were recovered by Ben Cotton — the founder of CyFir, a digital forensics and cyber risk solutions company.

Cotton told Arizona Senate Judiciary Chairman Warren Petersen and Senate President Karen Fann that he discovered the missing file directory while reviewing the Master File Table (MFT).

During a special meeting of the state Senate, Cotton explained that the MFT is a “record of all of the directories and the files that are contained in that partition and a pointing — and a pointer to where that data resides on the hard drive.”

He confirmed to the Senate that the database directory from the D drive of the machine “EMSPrimary” [Election Management System] had been deleted.

arizona senate president karen fann has been briefed on the missing files from the election database © press
Arizona Senate President Karen Fann has been briefed on the missing files from the election database

“In the course of performing that MFT discovery, I discovered an MFT that clearly indicated that the database directory was deleted from that server,” Cotton said.

Cotton then told Fann and Petersen he was able to successfully recover the files.

“All of this, however, may be a moot point because subsequently, I’ve been able to recover all of those deleted files.

"And I have access to that data,” Cotton said.

In a letter to the Maricopa Board of Supervisors last week, Fann raised the issue of the deleted files.

The board responded with its own letter to Fann on Monday, according to Western Journal.

The board offered up that the reason the files showed up as deleted is that “the Elections Department shut down the server to be packed up and made ready for delivery to the Senate.”

“At no point was any data deleted when shutting down the server and packing up the equipment.”

The officials reiterated, “Maricopa County provided you the actual Dominion server as commanded by your subpoena and we did not transfer or delete from that server any data from the 2020 General Election that was subject to your subpoena.”

“You have now returned that server to us,” the letter continued.

"Evidently, your ‘auditors’ made a copy of that server and are conducting their analysis on the copy."

Additionally, the board refused to turn over county routers that auditors have requested to ensure voting tabulators were not connected to the internet during the election.

the forensic audit team was able to successfully recover the missing files © press
The forensic audit team was able to successfully recover the missing files

The letter cited security concerns about sensitive information contained in the routers getting into the wrong hands.

The board members closed their letter — also signed by Republican Maricopa County Recorder Stephen Richer and Democratic Maricopa County Sheriff Paul Penzone — calling for the audit to cease.

"You, Senate President Fann, are the only one with the power to immediately end it,” they wrote.

"We implore you to recognize the obvious truth: your ‘auditors’ are in way over their heads."

Cotton directly addressed the board’s explanation for the apparently deleted directory being due to the system being shut down before it was delivered to the Senate.

“We follow a very strict forensics acquisition process in which we don’t turn on a system if it’s delivered to us in a powered off state” before making a copy of the drive, he said.

Cotton added, “We produced a bit for bit forensics copy of that particular drive.”

[RELATED] Arizona Election Audit Uncovers 'Significant Discrepancies' with 2020 Ballots

tags: Election | Fraud
Steve Quayle Neon Nettle telegram

Facebook is heavily censoring information from independent sources.

To bypass internet censorship, connect with us directly by enabling our notifications (using the red subscription bell in the bottom right corner) or by subscribing to our free daily newsletter.

Get the latest news delivered straight to your inbox for free every day by signing up below.


Subscribe to our mailing list

Follow Neon Nettle