An 11-Year-Old Hacked Into a U.S. Voting System Replica in 10 Minutes This Weekend

A particularly alarming hack was carried out at the DEFCON hackathon conference over the weekend by an 11-year-old boy.

He managed to hack into an imitation Florida state voting website and change the results of the “election” in fewer than 10 minutes.

DEFCON is the world’s larger hacker conference held annually in Las Vegas, where hackers and cyber security experts try to break into all kinds of computer security systems, highlighting how easy it can be to manipulate software and hardware. At this year’s conference, DefCon added children to its list of those invited, specifically to try to hack websites in the DEFCON Voting Machine Hacking Village, a part of the hackathon that includes “13 imitation websites linked to voting in presidential battleground states,” according to PBS.

More than one succeeded.

Emmett Brewer, the 11-year-old who successfully hacked the replicated Florida voting site, wasn’t the only child who got into the election systems at the conference. In total, about 50 kids ranging in age from 8 to 16 attended the conference, DEFCON said in a tweet, and around 30 of them were able to hack into the imitation election websites.

The National Association of Secretaries of State issued a statement in response to DEFCON hacking voting systems, expressing concern about the event encouraging the mock hacking of official election systems and saying it does not accurately reflect the reality of electronic voting in the U.S.

“While we applaud the goal of DEFCON attendees to find and report vulnerabilities in election systems it is important to point out states have been hard at work with their own information technology teams…” the statement reads. “Our main concern with the approach taken by DEFCON is that it utilizes a pseudo environment which in no way replicates state election systems, networks or physical security. Providing conference attendees with unlimited physical access to voting machines, most of which are no longer in use, does not replicate accurate physical and cyber protections established by state and local governments before and on Election Day.”

Subscribe to TIME

Get The Brief. Sign up to receive the top stories you need to know right now.

Please enter a valid email address.

* The request timed out and you did not successfully sign up. Please attempt to sign up again.

Sign Up Now

An unexpected error has occurred with your sign up. Please try again later.

Check the box if you do not wish to receive promotional offers via email from TIME.

You can unsubscribe at any time. By signing up you are agreeing to our Terms of Service and Privacy Policy. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you!

For your security, we've sent a confirmation email to the address you entered. Click the link to confirm your subscription and begin receiving our newsletters. If you don't get the confirmation within 10 minutes, please check your spam folder.

Contact us at letters@time.com.