They made at least some attempt to cover their tracks. Many of the linked IP addresses come from NordVPN’s service as well as other VPN providers.
The attackers obtained voter registration info for “at least one” state, officials said, although they unsurprisingly weren’t specific about the nature of that breach or the volume of data taken.
CISA and the FBI made several recommendations that, unfortunately, would be givens for many other organizations. They advised keeping systems updated with security patches, to scan for common web flaws like SQL injections, and to protect against web shells. Administrators should have two-step verification, too. Like it or not, election systems still have basic failings — it may be a long while before your voting info is truly secure.