Maricopa County, Arizona, Forensic Audit Results

Arizona Election Audit Reveals Unthinkable Level Of Voter Fraud

Patrick Colbeck’s analysis of the results:

Link to 09/24/2021 – Video of complete Presentation of the Maricopa County Election Audit:

Link to site Arizona Senate Republicans:

Cyber Ninjas Presentation 1:

Cyber Ninjas Presentation 2 from CEO Doug Logan:

Cyber Ninjas Report, Vol. 1:

Cyber Ninjas Report, Vol. 2:

Cyber Ninjas Report, Vol. 3:

Pattern Recognition Classification of Early Voting Ballot (EVB) Return Envelope Images for Signature Presence Detection: An Engineering Systems Approach to Identify Anomalies to Advance the Integrity of U.S. Election Processes by Dr. Shiva Ayyadurai, MIT PhD:

Presentation from Ben Cotton, CyFIR Founder:

Randy Pullen Report:

Ken Bennett Report:

Cyber Ninjas Presentation 1:


  • Duplicate ballots comingled with original ballots
  • Duplicated ballots with incorrect & missing serial numbers
  • Duplicates that reuse serial numbers
  • More duplicates than original ballots


  • Official Canvass has 3,432 more ballots cast than the list of people who show as having cast a vote (VM55)
  • 9,041 mail-in voters show returning more ballots (EV33) than they were sent (EV32).
  • 277 Precincts show in the Official Canvass as having more ballots cast than people who showed up to vote (VM55) for a total of 1,551 excess votes.
  • There are 2,472 ballots shown in EV33 that don’t have corresponding entries in the VM55, and only 2,042 ballots show as rejected in the Official Canvas for a discrepancy of 430.
  • 397 mail-in ballots show as received (EV33) that never show as sent (EV32).
  • 255,326 Early Votes show in the VM55 that do not have a corresponding EV33 entry.


  • 23,344 voters voted via mail-in ballot even though they show in Melissa as having moved, and no one with the same last name shows as living at the address.
  • 2,382 voters voted in-person even though they show in Melissa as having moved out of Maricopa County.
  • 2,081 voters moved out-of-state during the 29 days before the election and were given a full ballot instead of a presidential-only ballot.


  • Potentially as many as 5,047 individuals who voted in more than one county for up to 5,295 votes.
  • 393 voters with incomplete names voted in the election.
  • 198 individuals registered after the October 15th cutoff and voted in the election.
  • 2,861 voters have shared an AFFSEQ number with another voter at some point.
  • 282 potentially deceased voters voted in the election.
  • 186 people potentially have duplicate voter IDs that both voted.

Cyber Ninjas Presentation 2: CEO Doug Logan

Recommendations: Voter Rolls

  • Legislation should be considered that links voter roll registration to changes in driver’s licenses or other state identification.
  • Legislation should be considered that requires voter rolls be validated against the NCOA both 90 days or more prior to the election, in addition to a week before mail-in ballots are sent out. This validates whether a mail-in ballot should be sent before its sent. 
  • Legislation should be considered that gives a legally required frequency where the voter rolls should be periodically compared against ERIC, the Social Security’s Master Death List, or other commercially available tools that give access to this information. 

Recommendations: Election Software

  • Legislation should be considered that would require applications developed and utilized for voter rolls or voting to be developed to rigorous standards that ensure the confidentiality and integrity of the systems. 
    • Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS) Level 3 is recommended.
  • Legislation should be considered which requires voter roll and voting equipment, or any other election software to go through regular assessments to confirm ASVS Level 3 requirements are meant.
    • Software should not be allowed to be utilized until any Critical or High issues are remediated and there should be a remediation plan for other severity vulnerabilities. 

Recommendations: Voting Machines

  • Legislation should be considered that requires following all CISA Guidelines for Election Systems and Equipment, the documentation of any variations among these guidelines, and the signing off on a risk memo by the appropriate party for any derivations from those guidelines.
  • Legislation should be considered which requires the assignment of individual usernames and passwords for all election related equipment and matters.
  • Legislation should be considered that requires the real-time network monitoring of all election equipment, even on air gapped networks.
  • Legislation should be considered that would prohibit internet capable Election Management System Servers or similar equipment from being utilized; or any other type of hardware or equipment that could potentially allow remote access. 
    • No built-in capability such as a Wi-Fi card or cellular modem, regardless of whether this used. 

Recommendations: Voting Machines

  • Furthermore, County employees should have access to all administrative functions of all election equipment and have sufficient access to independently validate any configuration items on the device without requiring the involvement of any 3rd party vendor.
  • In addition, electronic voting machines must always have a paper backup of all ballots which can be used to confirm that votes were cast as intended; and these machines must be regularly maintained according to the vendors recommended maintenance schedule. 
  • Legislation should be considered that would require that paper stocks utilized on election day conform to manufacturer recommendations to ensure that the paper that has been tested in the device is what is actually utilized to cast votes.

Recommendations: Election Audits

  • Legislation should be considered that creates an election audit department in charge of regularly conducting audits on a rotating basis across all counties in Arizona after elections. 
  • Legislation should be considered that requires batches of ballots to be clearly labeled, separated from each other in a manner where they cannot easily mix together, and easily connected to the batches run through the tabulation equipment for easy auditing of the system. 
  • Legislation should be considered to penalize purposely inhibiting a legislative investigation, or an officially sanctioned audit of an election.

Recommendations: Ballots

  • Legislation should be considered that will make ballot images and the Cast Vote Record artifacts from an election that is published within a few days of the results being certified for increased transparency and accountability in the election process.
  • Legislation should further be considered that would require all ballots to be cast on paper by hand utilizing paper with security features such as watermarks or similar technology; with a detailed accounting of what paper(s) and the quantities utilized for any given election cycle. 
  • Mail-in voting should incorporate an objective standard of verification for early voter identification, similar to the ID requirements required for in person voting.

Ben Cotton Presentation Findings:

  • County Withheld Devices and Data
  • Cyber Security Issues
  • Hardware Configuration Control
  • File Deletions. [on day before audit]
  • Failure to Preserve Election Artifacts
  • Anonymous Logins
  • Listening Ports and Attempted Connections on Bootup
  • Internet Connections and History

Cyber Security Issues:

  • Failed to Perform Basic OS Patch Management
  • Failed to Update AntiVirus Definitions
  • EAC Certification Defense is NOT Valid In View of the Evidence
    • 4 .exe Files Created After Dominion Software Install
    • 45 .exe Files Modified After Dominion Software Install
    • 377 .dll Files Created After Dominion Software Install
    • 1053 .dll Files Modified After Dominion Software Install
  • Log Management – Failed to Preserve Security Logs
  • Credential Management – Shared Accounts and Common Passwords
  • Failed to Establish and Monitor Host Baseline
  • Failed to Establish and Monitor Network Communications Baseline

Hardware Configuration Issues:

  • Dual Boot Configuration Discovered on Adjudication 02 Endpoint
    • Two Hard Drives Internal to System
    • Both Drives Bootable to Different Configurations
  • Clearly Not an Approved Configuration
  • 2nd Hard Drive Contained Non-Maricopa County Data

Non-Maricopa County Data found on drive

File Deletions on multiple machine on day before audit

Randy Pullen Presentation Findings:

  • There were a number of inconsistencies found in the ballot batches in the boxes, all of which are noted in the Machine Count Tab Sheets including:
    • Missing Batches in Boxes
    • Batches in boxes not listed on the box or County list

No batch slips in the box or slips not directly associated with the batches.

Compliance with Election Laws and Procedures, Maricopa County
2020 General Election by Ken Bennett, Senate Audit Liaison

  • Missing Signatures On Ballot Envelope Affidavits
  • Original And Duplicate Ballots without Matching Serial Numbers
  • Missing Chain Of Custody
  • Ballots of sufficient and consistent thickness
  • Common Usernames And Passwords
  • Missing Serial Numbers on Electronically Adjudicated Ballots
  • Possible Ineligible Voters

Senate President Karen Fann sent this letter and notes to the AZ Attorney General. In it, Fann requests a formal investigation and action. “We need to do audits on every election.”

Published by pureintegrityformichiganelections

Dedicated to restoring election integrity in Michigan.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: