Experts Warn Flawed Voter Database Risks 2026 Midterm Integrity
Experts warn the 2026 midterms face voter disenfranchisement and data breach risks.
Why it matters: Election law, data privacy, and compliance professionals must prepare for significant legal and cybersecurity challenges ahead of the 2026 U.S. midterm elections.
- Department of Justice has sued 29 states plus DC for refusing to provide unredacted voter rolls.
- At least 10 states provided voter data on over 37 million registered voters to the DOJ.
- SAVE program wrongly flags many citizens as noncitizens, risking disenfranchisement.
- Over 5,000 malicious domains targeting the 2026 elections have been identified since January.
Legal and cybersecurity experts are raising alarms about the integrity risks facing the 2026 U.S. midterm elections due to problematic voter data management.
The Department of Justice (DOJ) has been aggressively seeking unredacted voter rolls nationwide. Since spring 2025, the DOJ has filed lawsuits against 29 states and the District of Columbia for refusing to provide complete voter registration data, including sensitive information like driver’s license and partial Social Security numbers. According to the Stateline report, at least 10 states have complied, delivering data on over 37 million registered voters.
However, most states have withheld full datasets, omitting sensitive elements. The Brennan Center for Justice notes only Indiana and Wyoming have provided full statewide voter registration lists, while nearly all others omit Social Security and driver’s license info (Politifact analysis).
Beyond legal struggles, the Systematic Alien Verification for Entitlements (SAVE) program used to detect noncitizen voters has been found to misclassify numerous U.S. citizens as noncitizens. This flaw risks disenfranchising legitimate voters ahead of the midterms, as detailed in a FactCheck.org report.
Cybersecurity threats compound these challenges. A TechRadar investigation identified over 5,000 malicious internet domains created since January 2026, many containing keywords like "election" and "vote," targeting voter fraud, phishing, or misinformation campaigns. Danielle Hess, a cyber threat analyst, warns stakeholders to expect heightened phishing and credential attacks.
Maine Secretary of State Shenna Bellows stresses that “voting in a democracy depends on free and fair participation without fear of retribution or punishment from the government.” The mounting DOJ lawsuits, flawed verification tools, and broad cyber threats underscore the importance of safeguarding election integrity and voter privacy.
By the numbers:
- 29 states and DC sued by DOJ for voter data refusal
- Over 37 million registered voters' data provided by at least 10 states
- 5,000+ malicious domains targeting 2026 midterms detected since January 2026
Yes, but: While significant data and cyber risks exist, detailed information on DOJ’s data security measures and states’ cybersecurity effectiveness remains limited.
What's next: Legal battles over voter data access will continue through 2026, while election cybersecurity threats are expected to escalate as the midterm date nears.