Konnech tools and software are allegedly being "developed in, run from, and monitored in China," according to Catherine Engelbrecht, Founder of True the Vote (TTV). On Wednesday, she told UncoverDC, "Everything we have said about Konnech and its CEO, Eugene Yu is true, and it must be stopped." TTV filed an emergency motion on February 25 opposing Yu's motion to return storage devices seized by Los Angeles law enforcement "in the course of a lawful search warrant on Konnech's headquarters in Michigan." According to the emergency motion, TTV maintains that there is a risk of "spoliation" if copies are not made of the devices prior to their return to Yu.
Yu's motion to return his devices was considered on Thursday, March 2, and rescheduled for March 14. According to Engelbrecht, the court seems to be considering an "intent to proceed with a forensic evaluation and hearing."
Yu was arrested on October 4, 2022, and was charged "with two felonies for allegedly violating the company's contract with Los Angeles County by transferring election workers' personal information to servers in China." Those charges were later dropped by LA District Attorney George Gascon, who cited "potential bias" and the "pace of the investigation" as factors in his decision.
Yu is a naturalized citizen from China living in Lansing, Michigan. "He owns a series of URLs, including an underlying URL that runs CCP elections. His tools have penetrated many systems in this country," according to Engelbrecht.
TTV Files Emergency Motion to Inspect Konnech's Electronic Devices
According to TTV's February 25 emergency motion:
"Konnech was hosting on Chinese servers the election-related domain names of its U.S.-based customers (including Vote4Fairfax.com, Case 4:22-cv-03096 Document 87 Filed on 02/24/23 in TXSD Page 1 of 16 PAGE 2 OF 16 Vote4Boston.com, Vote4Hillsborough.net), as well as what appear to be Chinese election system websites (e.g., 2dmeeting.com and 2dmeeting.cn), and the URL for the Konnech app (app.konnech.com) its American customers use. This means any customer data transmitted by means of Konnech's customer-facing apps necessarily goes through an insecure server in China."
The court document shows on page 2 screenshots of "Konnech-managed domain names hosted on a server in China sitting on Unicom, the Chinese Internet' backbone.'" Engelbrecht says, "anything on the internet in China belongs to the State, meaning the Chinese Communist Party." Engelbrecht explained how she and Phillips came to understand Konnech's alleged data breaches:
"In the third week of January 2021, we were shown a database with 1.8 million American election workers from LA County exposing important private information, including social security numbers and information about their children. Konnech had collected everything you would want to know about the election workers as well as schematics and RFID codes on election equipment. They found the MongoDB open-source database because no one had bothered to change the password that was shipped with the database. The 1.8 million is just the tip of the iceberg."
Engelbrecht continued, "The database underpins our elections, and it goes to China and then back to the USA. It is a hard server based in China." The lawsuit also states, "Konnech's election logistics software was (and may still be) substantially developed by 'developers, designers and coders' who are 'all Chinese nationals based out of Wuhan, China.'"
National Security Breach: TTV Cooperates with FBI for 16 Months
TTV worked closely "as confidential informants" beginning in early 2021 with the FBI for about 16 months. According to Engelbrecht, the FBI had "agreed this was a matter of national security" and "opened a significant intelligence operation on it at the time." Engelbrecht was hopeful that the FBI would stop the Konnech operation before the midterms. However, the FBI eventually sent the investigation to the D.C. Bureau, and suddenly "the whole thing was eventually shut down without warning or explanation in April 2022."
Engelbrecht explains the FBI's puzzling flipflop to Steve Bannon in the video below, stating that "once the D.C. office became involved, everything changed. Once the Biden administration was aware of the work that was being done, [they] put the immediate kibosh on it and more than that turned it to suggest that we were somehow in the wrong, and the special agents came back and told us, 'Be prepared to go public with this because the D.C. Bureau is coming after you.'"
Exhibit D Harry Haury: Konnech System Breach of U.S. Data Classified as "Total Loss of Control"
Harry Haury's sworn affidavit in Exhibit D appears to provide stunning evidence of Konnech's alleged breach of U.S. data. Haury testifies that "Konnech's system of data protection and access amounted to by far the worst example of complete disregard of negligence regarding the protection of PII and sensitive data I have ever seen. We discovered a breach of U.S. data that is classified as a 'total loss of control'."
No stranger to investigations of this kind, Haury is "the acting CEO of Cain & Associates," according to the filing. Haury "served the National Security Agency and other agencies... involving the development of critical elements of the U.S. National Infrastructure over a period of 25 years," as stated in the filing. Engelbrecht told UncoverDC, "Haury has an impressive CV working with major banks and many government agencies. He lived in China for a number of years, working on behalf of U.S. intelligence agencies. He knows his stuff."
According to Haury, Cain & Associates was "tasked with assisting the Los Angeles County District Attorney's Office Bureau of Investigation in the execution of the court-ordered search warrant. [Haury] coordinated the physical search for the devices, along with Andrew Stevens, LA County's investigator."
During the investigation, Cain & Associates allegedly confirmed TTV's worrisome findings, including the fact that Konnech-provided PollChief software used in "LA County and likely other U.S. jurisdictions suffered from a security vulnerability that allowed and PollChief or Konnech worker to elevated his, her, or own user status to 'super user' giving him or her access to the applications at a privilege above those dictated by security policy which included broad access to information on all U.S. poll workers in the system." Screenshots of some of his findings are captured below :
TTV Motion/Cain & Associates/Haury/Exhibit D
TTV Motion/Cain & Associates/Haury/Exhibit D
Oddly, during Haury's investigation, he noticed "on the fourth day following the seizure, someone systematically began shutting off access to these and other accounts, one by one." Haury suggests that this "restriction of the DA's access was orchestrated by either Konnech, Inc. or by persons or entities in China with whom Konnech was associated, including any of the super users on the accounts."
Haury also states that he contacted law enforcement and "customers of Konnech, including Allegheny County, PA; Fairfax County, VA; DeKalb County, GA, and Johnson Couty, KS" to ask them whether "Konnech had notified them of any data breach." All responded they had never been notified.
The Konnech "incident," states Haury, "Is a very high-risk indicator of an intrusion by a foreign intelligence into the U.S. strategic infrastructure." As a result, Haury reported it to the "Defense Counterintelligence and Security Agency (DCSA) and other pertinent law enforcement agencies." Haury recommended all "seized devices be placed into the temporary custody of an independent forensic examiner to be mirror-imaged" and to be examined by "qualified teams using FBI/DOJ standard recovery techniques either bonded or under affiant pledges."
Exhibit E: Australian GM Says Konnech Deleted Emails
Attorney Brian Glicklich and spokesman for TTV was contacted on November 6 by a "man identifying himself as Peter McAllister." According to Glicklich, McAllister was formerly the "general manager of Konnech Australia" and had seen Glicklich's appearance on War Room on November 5 and felt a need to "convey" important information he had about Konnech.
McAllister told Glicklich, "someone had started deleting Konnech company emails from a website in Vietnam. He believed these actions to be at the instigation of Eugene Yu." McAllister also explained to Glicklich that "a man named Luis Nabergoi Puente," based in Barcelona, "contacted him via WhatsApp" and told him the "emails being deleted were all those that had a TXT or JSON attachment. Luis' interpretation was that someone at Konnech intended to get rid of any emails with log files attached that may have gone to China. Further, Mr. McAllister indicated that Mr. Yu's nephew, a man named Jun Yu, was removing all apps in Konnech's internal messaging application called DingTalk."
McAllister reported, "Eugene's brother runs a company that provides similar election software to the Chinese Communist Party." McAllister says Yu "asked him to sell that same software in Australia." McAllister was eventually "asked to resign by Mr. Yu."
Engelbrecht Will Not Give Up: Konnech Lawsuit Ongoing
Engelbrecht and Phillips were sent to prison in October without bond by Judge Kenneth Hoyt. Hoyt put them in prison for a "civil matter," their refusal to "give up their sources" related to their lawsuit against Konnech. Hoyt's decision was "reversed and admonished by the 5th Circuit Court of Appeals."
True the Vote sought and won the recusal of Judge Hoyt on February 13, 2023, a "rare" occurrence in federal courts. The True the Vote lawsuit against Konnech is ongoing. Engelbrecht says, "there is much more to come in this story," as indicated in @GusQuixote's video below: