Representative Gillette (R-30) spoke exclusively to State 48 News, revealing that he’s been sounding the alarm on Arizona’s cybersecurity vulnerabilities for over three years.
“When I first started, I thought I’d be protecting Arizona from foreign intrusion,” Gillette said. “Turns out, we need protection from a twelve-year-old in grandma’s basement using an AI program to hack us.” - Gillette told State 48 News
Gillette’s cybersecurity bill HB2736 passed the House unanimously and cleared a Senate committee, but it was ultimately held and never made it to the Committee of the Whole for a vote.
State 48 News also spoke with Senate President Warren Petersen (R-14), who explained the holdup:
“It was held as a money bill and didn’t make it into the budget. All money bills get held until the budget is negotiated, ” said Petersen.
Representative Gillette told State 48 News that some of Arizona’s government systems are so outdated they can’t even interface with modern technology. He cited the Department of Real Estate as one example—its software was custom-built by a former in-house developer, and now that individual is no longer available, no one else knows how to maintain or update the system.
He also flagged a major concern at the Department of Revenue: the agency lacks the technical capability to audit 1099 tax returns internally. Instead, all audits are outsourced to a private firm based out of state, raising serious concerns about efficiency, oversight, and the security of sensitive taxpayer data.
Gillette outlined multiple instances where Arizona’s systems are woefully unprotected. He pointed to the Maricopa County Recorder’s Office—under former Recorder Adrian Fontes—as having developed its own election system. According to Gillette, that system is likely “more secure than the state’s,” yet he questions the legality and oversight behind its integration.
“Who gave them the authority to connect their system to the State of Arizona’s infrastructure?” he asked, noting that he has issued Freedom of Information Act (FOIA) requests to find out.
As for the recent breach at the Secretary of State’s Office, Gillette said the state’s response was essentially, “like putting a finger in the hole of the dam, hoping it doesn’t break.”
Gillette said the blame lies with state agencies that have prioritized non-urgent spending.
“Hobbs has a ton of money in the executive branch—and cybersecurity is part of the executive function,” he said. “Yet she’s paying off $400 million of other people’s medical debt instead of bolstering the state’s software. She’s funding other woke, ideological programs instead of fixing the state’s networks.”
ICYMI here is the background on the controversy:
Last week, hackers infiltrated the Candidate Portal on the Arizona Secretary of State’s website, swapping out candidate photos and potentially accessing private profile data just weeks before the Congressional District 7 primary election.
🔍 What Happened
Unauthorized Access: Around June 23, cybersecurity teams detected abnormal activity affecting the portal used by candidates to file documents and images.
Immediate Response: Officials shut down the portal for a full week, rerouted candidate filings via alternative channels, and required password resets when the system went back online.
Data at Risk: While candidate photos were visibly altered, the scope of exposed personal information is still under investigation. Voter registration and petition systems remained unaffected.
🛡️ Who’s Involved
Secretary Fontes’ Office collaborated with the Arizona Department of Homeland Security, National Guard, and a private cybersecurity firm in the investigation.
Responding to the breach, they “tuned security controls” and shared threat intelligence with partners, according to a July 1 press release.
🗣️ Public Reaction
Some political groups criticized Secretary Adrian Fontes for insufficient transparency, urging more public disclosure.
The office defended its actions, pointing out that it had briefed lawmakers and upheld a proactive cybersecurity posture.
Here’s a link to a story by State 48’s Christy Kelly for the Arizona Globe, including links to the online drama and finger-pointing that followed the public disclosure of the breach.
Share this post