Members of Florida's congressional delegation said Thursday it was unacceptable that the FBI and the Department of Homeland Security will not publicly identify the two counties where Russian hackers gained access to voter databases before the 2016 election.
A bipartisan group of lawmakers said after a classified FBI briefing that they were told the county names but were not allowed to share that information with the public. Florida Gov. Ron DeSantis, a Republican, had a similar briefing last week and also said afterward that he could not release the names.
The Florida lawmakers want the federal agencies to be more transparent and are pledging to work on bipartisan legislation to strengthen notification rules. They said the public has the right to know if their data was breached, similar to a credit card company notifying customers.
The FBI also told the lawmakers there was "suspicious activity" around other counties, but didn't identify those counties by name.
"The public needs to know which countries were hacked and what steps are being taken to hold the bad actors accountable," said Democratic Rep. Stephanie Murphy.
Republican Rep. Matt Gaetz was blunter: "I don't know who the hell they think they are to not share that information with us."
The Florida revelations add new anxiety for officials as they work to secure their systems for the 2020 elections. Many fear a repeat of 2016, when Russian hackers targeted election infrastructure in at least 21 states. The rising concerns could push Congress to take another crack at election security legislation that stalled before the midterm elections last year.
The lawmakers said they were told with certainty that election results weren't compromised, but it was less clear whether the Russian hackers were able to use the voter data in any way.
"We couldn't get with certainly that the Russians were not actually able to manipulate the data that they had access to," said Rep. Debbie Mucarsel-Powell, D-Fla. "They have no evidence but couldn't say with certainty."
Some Florida officials were taken by surprise last month when special counsel Robert Mueller's report said hackers gained access to the network of at least one Florida county. The FBI identified two counties in the briefings with Florida officials.
DeSantis said this week that he was frustrated when he saw the vague reference to hacking in Mueller's report, adding that "no one ever said anything to me."
The lawmakers confirmed what DeSantis said after his own briefing — that the hackers gained access through a spear-phishing email after workers clicked links. Multiple lawmakers said the law enforcment officials described it as similar to burglars gaining access to the "garage, not the house."
There has been speculation about the hackings since then-Sen. Bill Nelson, D-Fla., said last August that Russians had penetrated the systems of certain Florida counties and had "free rein to move about" before last year's midterm election. Then-Gov. Rick Scott, who defeated Nelson in the November election, criticized Nelson's allegations, saying they were sensational.
After Nelson's comments, the FBI and DHS said in a letter that they saw no signs of any "new or ongoing compromises" of state or local election systems. Some experts warned that hackers could have left malware on computer systems to be triggered later.
Scott, now a senator, got his own briefing from the FBI this week and said he urged the agency to do a briefing for all senators. He said in a statement that the FBI "could not provide any evidence to support" Nelson's specific claims, but did not elaborate. He said he was confident in steps he had taken as governor to improve election security.
The briefings come as senators are try to restart talks on an election security bill that stalled last year after Majority Leader Mitch McConnell declined to move it to a Senate vote. The White House and some Republicans said at the time that the legislation could exert too much federal control over the states.
Some states have objected to the bill because it would require all states to use paper ballots as a backup to electronic systems if they want to receive federal election money for voting equipment. While many states already use paper ballots, a few said they would be too expensive or burdensome.
The legislation would also require that all 50 states conduct audits after elections and direct the Homeland Security Department to immediately notify any states if the federal government detects that they have been hacked. The last requirement was added after Homeland Security took around a year to tell states they had been hacked in 2016.
Republican Sen. James Lankford of Oklahoma, one of the lead sponsors of the legislation, said this month that senators are still working on it and expressed optimism that it could pass this year. He said one of the administration officials who found the bill problematic was former White House counsel Don McGahn, who called him with some "constructive ideas" that were later incorporated.
Lankford said McGahn told him he was calling in a private capacity because of his experience as a former member of the Federal Election Commission, not as White House counsel. Lankford said the White House was officially neutral on the bill.
Senate Rules Committee Chairman Roy Blunt, a Missouri Republican who was supportive of the legislation last year, sounded less hopeful at a hearing on elections Wednesday.
"At this point I don't see any likelihood that those bills will get to the floor," Blunt said in response to a question by Illinois Sen. Richard Durbin.
"I think the majority leader is of the view that this debate reaches no conclusion," Blunt said.
Associated Press Congressional Correspondent Lisa Mascaro contributed to this report.