Observers of a Legislature-sponsored review and recount of election results in Arizona’s largest county alleged last week that “copies of voting system data” were sent to an unnamed lab in Montana with little explanation, according to a summary of notes from the Arizona Secretary of State’s office, which sponsored the observers.

The observation reads that on May 24, Ken Bennett, a former Arizona Secretary of State working as a liaison from the state Senate, “confirmed that (the data) was sent to a lab in Montana” but “did not specify what security measures were in place, or what the lab in Montana will do with the data or how long it will be in possession of the copies.”

Republican lawmakers in the Arizona Senate authorized an audit of election results and issued subpoenas for election systems from Maricopa County in April, encouraged by persistent but unfounded claims of voter fraud and impropriety by former President Donald Trump in the fallout of his loss — President Joe Biden defeated Trump by roughly 45,000 votes in the county, one of the country’s most populous.

The review has been plagued by controversy, litigation and allegations of procedural errors and impropriety, though it has resulted in significant financial gains for the state GOP and boosted the political fortunes of current Secretary of State Katie Hobbs, a Democrat and outspoken critic of the audit who recently announced her bid for governor of Arizona.

The nexus between the two states is the firm CyFIR, a digital security company working as a subcontractor for Cyber Ninjas, a Florida-based cybersecurity group that the Arizona Legislature chose to run the audit. CyFIR is a spinoff of Cyber Technology Services; Ben Cotton, an election auditor who made and later recanted a claim that Maricopa County officials might have deleted election files from their computers before handing them over as part of a legislative subpoena, is CEO of both firms.

As first noted by Arizona Republic reporter Jen Fifield, Cyber Technology Services’ website lists its address at a farmstead in Lake County, although other company materials refer to a headquarters in Manassas, Virginia. State property records show that Cotton owns the home, situated near the small community of Swan Lake. CyFIR’s address is listed in Ashburn, Virginia.

Ken Bennett, the Legislature’s audit liaison, confirmed to the Daily Montanan that CyFIR and Ben Cotton were reviewing the election data, which he described as “all of the forensic data that (Cotton) copied from the election server and hard-drives that were used by Maricopa County to conduct the election in November.”

However, he said he did not know whether Cotton’s lab is in Virginia or Montana, only that the review is taking place in one of the two states.

Cyber Technology Services was previously registered as a for-profit company in Montana, but had its active status revoked by the Montana Secretary of State last year as the company had not filed an annual report or paid fees to the state. The company has a current registration in Virginia, however.

Cotton did not return requests for comment by press time. Bennett said he couldn’t speak to what specific processes CyFIR was using to review the data.

“He copied all that material down from the hardware that the county provided and he’s reviewing it at his lab,” he said. 

More From Missoula Current