Nonprofit, nonpartisan journalism. Supported by readers.


Senate recount trial: Anti-Norm tech ‘sideshow’ adds to the bad news for Coleman

Norm Coleman legal team
AP Photo/Jim Mone
Norm Coleman confers today with his team of lawyers during a break in court proceedings.

I am not a tech geek. Nor am I a venomous anti-Norm Coleman zealot.

Still, the recent dust-up, best reported by the Pioneer Press’ Dave Orrick, over Coleman’s website and how its database of supporters was compromised got me to thinking about what I knew and when I knew it.

This recent kerfuffle began way back on Jan. 28.
That’s just three days into this seven-week-long trial, for which there will be closing arguments today.

Coleman website saga
This website saga began so long ago that, as Coleman’s handsomely bald legal spokesman Ben Ginsberg said today, “I had a full head of hair.”

On that day, when the outcome of this trial was up in the air, Coleman’s campaign posted the names of voters whose absentee ballots were rejected. The campaign invited citizens to visit. The well-read Drudge Report reported the link.

The Coleman website soon crashed. The Coleman campaign put out a news release about said crash. I wrote about it here at MinnPost. And even cited the skepticism of some tech experts who claimed the Coleman side purposely crashed its site.

The idea that Coleman’s camp would purposely crash its site has never made sense to me.

Curiously, that very same night, I was poked by an instant message from a colleague. I saved it. It came at 10:52 p.m.

Here’s how it began:

“Hey! Just saw something on Twitter about the Norm Coleman web site,” my correspondent IM-ed.

“Yes?” I replied.

My colleague then wrote: “Apparently, this person has discovered that the web site has mailing lists with contact info in a public folder, downloadable to anyone . . . The twitter:

‘Norm Coleman leaks a full database of supporters? Wow, just wow bad. Put that stuff in a non-web directory. Glad I’m not in the DB. [data base]’ Interestingly enough, this same person actually had posted a link to the public folder.”

My correspondent sent me the link that was posted for anyone to see.

That link, by the way, is now dead.

A chilling find
But that night, I clicked on it, and I got the chills.

There for everyone to see was an Excel spreadsheet of supporters or volunteers. I didn’t look at them all that long.

I IM-ed back to my pal, who is a techie: “Is that hacking?”

“Well, not hacking,” my guy replied.  “Because the files are in a public folder. But you do need to know how the website is configured to know that the folder exists.”

“u think it’s a mistake?” I IM-ed back.


I replied: “Seems to me someone should tell the Coleman camp they’re vulnerable to attack, but I don’t think it should be a reporter like me.”

“Who then?” came the reply.

Well, I must admit, unjournalistic as it may have been, I sent an email to Mark Drake, then one of Coleman’s media relations team, and simply directed him to the Minnesota Independent story and, in the email topic wrote: “guessing you’ve seen this, but just in case . . .”

I have no receipt of a return email from Drake, but the next day, the Coleman site was on-again/off-again, and some Coleman staffers at the courthouse were sheepish about the situation.

Clearly, someone screwed up when posting the list of absentee ballot voters. Or when heavy traffic came in.

Coleman staffers insist to this day the Drudge link knocked out their server. Others say that can’t be true. I don’t really care.

I had forgotten the whole episode.

Until right now, and we flash-forward to the leak of the credit cards of supporters by Wikileaks. And to some solid, if sometimes partisan, reporting at the Minnesota Independent and others.

Hacker attack or campaign mistake?
At first, the Coleman campaign said they’d been attacked by hackers. But, it seems to me, they were attacked by political opponents who’d been holding back some files since way back in January, when Ginsberg had hair and their website was open for inspection to anyone with a laptop.

Today, the Coleman campaign posted a series of answers to frequently asked questions for supporters at the same web site.

In some ways, this web site deal is a sideshow. Coleman bashers, of course, are taking glee in the predicament. And Coleman supporters are heartsick by the big problem.

But it comes as the witness phase of the trial ended today, with both sides resting. On Friday, Kevin Hamilton will close the case for Franken and Joe Friedberg will sum up Coleman’s case. It comes as we’re closing in on who will win this trial and the now-open Senate seat.

Thinking back, I consider Wednesday to be a revealing day. There was real drama in the hallway outside Courtroom 300 that made an impression on some observers and may have hinted at Coleman’s own attitude.

Emotional Coleman addresses the media

In response to the news about the Wikileaks event, Coleman himself felt a need to make a statement. He didn’t take questions, but you didn’t need to ask how he felt.

He was emotional. He was pensive. He was angry.

He talked of the “theft” of data.

“This is chilling. This is frightening,” he said, so softly. “It is obviously an attack on this campaign, but beyond that … [this is] a very expensive legal proceeding. Online fundraising is a very critical element of that and clearly the theft of this information, the publication of this information seriously undermines that … I think it will have a very debilitating effect.”

He spoke so gingerly. He seethed beneath his sadness.

Was there concession in his voice? Was this the final straw in a recount trial that’s cost millions and that isn’t going very well?

We are, after all, now just one day from the very end of this election contest that he brought. Whether you’re a partisan or not, Coleman has not had a great seven weeks in that courtroom that he stood outside of Wednesday.

So, what does one person — who’s not a tech geek and not an anti-Norm zealot — think?

Someone in the Coleman campaign screwed up.

Someone with tech savvy in effect was walking down the street and found a briefcase lying on the sidewalk and kept it. (Others of us knew not to do such a thing.)

Lots of folks knew about it … even if the Coleman side says the Secret Service couldn’t confirm it.

Then, weeks later, at a key moment of this trial, as an expensive appeal seems like the only way that Coleman could hope to win this case, the culprit decided to toss this virtual Molotov cocktail into the mix.

Remember, too, if Coleman loses this case, he will be on the hook for Franken’s court costs — such things as the copying of documents, witness fees, etc. — in the hundreds of thousands of dollars. Legal fees? That’s uncertain, but, because of some of the three-judge panel’s rulings, Coleman would have to cover some portion of Franken’s millions of dollars of lawyers’ bills.

He needs dough.

It could be argued that this was bound to happen in this campaign that has never ended, the most expensive and nastiest of the 2008 Senate election cycle.

But it made me think of a line in Jimmy Breslin’s tremendous political tour-de-force “How the Good Guys Finally Won,” about Watergate and former Rep. Tip O’Neill of Massachusetts.

Breslin wrote then, in another political context: “Why is it that the science of getting even always becomes desolate at the end?”

Desolate evokes images of emptiness, loneliness.  

How must Coleman feel right now?

On Nov. 4, he led by more than 700 votes. By the end of the recount, he was behind by 225. And that Franken lead appears actually larger today than it was when the State Canvassing Board completed its counting on Jan. 3.

The bottom line is painful for Coleman.

Indeed, some folks who heard his statement Wednesday thought the emotion he revealed might be his first baby steps toward showing that he’s finally begun to internalize the fact that he just might not win this thing, that his lawyers haven’t proved that the 2008 election should be overturned.

Maybe not. This observation could be, as Ginsberg would say, “Balderdash.”

But Coleman knows this website brouhaha hurts fundraising because marginal supporters have been inconvenienced. Ever have to cancel your credit card?

More, an experienced political operative told me today, it shows a certain level of incompetence on the part of the campaign. Political supporters don’t like incompetence.

Neither do senators whose campaign, recount and seven-week-long contest may just be teetering on the brink of a bitter defeat.

Jay Weiner can be reached at jweiner [at] minnpost [dot] com.

Comments (14)

  1. Submitted by Alyce Bowers on 03/12/2009 - 06:45 pm.

    Some bloggers say that Coleman may be liable for sizable fines. Apparently failure to secure credit card information is illegal. He not only failed to secure, he actually made it easily accessible.

    Really a rookie mistake. Nobody tries to handle their own credit card accounts – this is ALWAYS done by third party, commercial accounts that know what they are doing.


  2. Submitted by Gary Peterson on 03/12/2009 - 06:56 pm.

    Wow. Thanks, Jay, for such a careful recitation and the keen insight.

  3. Submitted by Michael Rhodes on 03/12/2009 - 08:07 pm.

    Thanks for this great account of events. Given, however, that websites are public, unlike briefcases, I think the briefcase metaphor is too kind to Coleman. It’s not that anyone opened a briefcase and looked inside; it’s more like someone published the contents of their private briefcase unwittingly. The distinction is that even if finding the Excel file took Internet savvy, it did not require entering someone’s private space. That’s a technical distinction that matters immensely because it leaves Coleman with no real grounds for disgust, except perhaps at his web team.

  4. Submitted by Jude Dornisch on 03/12/2009 - 10:33 pm.


    You are a bit to kind to the Coleman techs.

    As far as WikiLeaks goes. This was not a dump by political opponents, while they are not in any way fans of Norms, it had less to do with hurting Norm then helping themselves. (see ). They are fund raising. So a high profile news story helps them.

    At the same time everything they said is true. Copies of the Coleman database are out there. That they have not been used for identity theft is really only a testament to the people who downloaded them. But if this didn’t get coverage it really was only a matter of time until someone got a copy. I am surprised that the bad guys didn’t already get the database from a Peer to Peer network already. (google “marine one Iran”)

  5. Submitted by Eric Ferguson on 03/12/2009 - 11:54 pm.

    A good summary. One point that it seems should be made salient is that the first person we know of to discover the database reported it. To carry on the analogy of finding the briefcase, that strikes me as turning in the briefcase after opening it in order to find the identify the owner. Of course, multiple people could find this briefcase, though from the lack of credit card theft, it appears no one used the numbers. It’s possible everyone who downloaded it was merely confirming the story for themselves. We won’t know for sure unless and until someone uses the stolen card numbers.

    I’ve worked with computers long enough to know that mistakes happen, even big mistakes. Sometimes a technician learns something the hard way, so I don’t see anything deliberate about exposing the database. Also, at least until you mentioned the Coleman campaign still insists their site was crashed by traffic, I was ready to believe the crash was a technical error, and a non-technical PR staffer jumped to a conclusion and announced it was the traffic. Now I don’t know.

    The point that’s going to be the controversy is that the Coleman campaign didn’t tell donors until Wikileaks forced them to over a month later. I can’t see an innocent explanation for that.

    Also, following the story in different sources, I see Coleman and his supporters making baseless accusations that Franken, or the DFL, or Wikileaks, or liberals and Democrats in general, hacked the site to steal the data. There’s no proof yet that the site was hacked or that the data was used. I also seems logical that if the intent was to steal the data, they would have kept the security hole secret and kept using it.

  6. Submitted by Karl Bremer on 03/13/2009 - 09:44 am.

    Well, I must admit, unjournalistic as it may have been, I sent an email to Mark Drake, then one of Coleman’s media relations team, and simply directed him to the Minnesota Independent story and, in the email topic wrote: “guessing you’ve seen this, but just in case . . .”

    I have no receipt of a return email from Drake, but the next day, the Coleman site was on-again/off-again, and some Coleman staffers at the courthouse were sheepish about the situation.

    Unjournalistic is right. A journalist would have emailed Drake the link to the story along with a list of questions you would like him to respond to, followed up with a phone call, and then written a story. Instead, you acted like a Coleman campaign volunteer and tipped him off.

    Furthermore, why would Drake respond when he wasn’t even asked to? If he can get away with being tipped off by a friendly reporter on an unpleasant story without having to answer any questions, of course he’s not going to call you!

    You’re the one who should be feeling sheepish about all this, Jay.

  7. Submitted by Lynnell Mickelsen on 03/13/2009 - 09:58 am.

    I’m not a tech geek nor a “venomous anti-Norm Coleman zealot, key words here being “venomous” and “zealot.”

    I’m anti-Norm because he chaired the Senate subcommittee on Investigations from 2003 to 2007, the same committee that Harry Truman chaired while he investigated war profiteering. Norm Coleman was chair during one of the most outrageous abuses of defense contracts in our country’s history. And he never held a single hearing about it.

    He just sat there while Republican-owned companies like Halliburton, KBR, Blackwater and others ruthlessly looted the U.S. Treasury. And this is just one example of Norm failing to represent us. I could give dozens more. But I digress.

    I think Jay is way too easy on Norm. He describes him as sad, pensive, emotional, angry, trying to come to grips with the fact that he has lost his Senate seat.

    But why not point out that he’s also lying? Norm ain’t dumb. It’s absolutely clear the site wasn’t hacked. It was left open through Team Coleman’s own incompetence. Instead of letting Coleman’s donors know so they could cancel their cards, the Coleman campaign kept silent until they were outed by Wikileaks. But instead of taking responsibility, Norm talks about an “theft” and an “attack on his campaign” in an not too subtle attempt to shift the blane to Franken.

    This is repellent. And unfortunately, we’ve seen it before. Remember last fall, when Norm was accused of taking a $75,000 gift from a wealthy supporter, via a “payment” to his wife for “insurance work” and not listing it in his Senate disclosure forms? (which is a felony, I believe.) Once again,it was clear to anyone who looked into the matter that it had nothing to do with the Franken campaign or even politics. It was a civil suit in Texas between two (Republican) businessmen. But Coleman once again describe it as a political “attack” on his family and again blamed it on Franken.

    If a Democrat had done similar things, I hope I’d be equally disgusted. For me, at this point, it’s not about Norm’s party affiliation, it’s about his continual craven dishonesty. The guy has no moral compass. Hasn’t had one in a long, long time. It’s really creepy.

    So why the continual soft easy treatment of him, even here in MinnPost?

  8. Submitted by John Reinan on 03/13/2009 - 10:00 am.

    I disagree. I think Jay was being a mensch.

  9. Submitted by Steve Titterud on 03/13/2009 - 10:28 am.

    I think Norm Coleman is right – this is going to have a very debilitating effect.

    Would YOU trust your private personal and financial information to his campaign, right now?

    Trust is built by the inch but destroyed by the yard.

  10. Submitted by Peggy Huss on 03/13/2009 - 12:57 pm.

    While watching the closing arguments on the Uptake this morning, the Uptake’s courtroom reporter (Noah) said that he had been able to trace the Coleman fundraising/ credit card processing to the group that brought us “Swiftboat” in 2004. What do you know about this Jay?

  11. Submitted by David Skarjune on 03/13/2009 - 03:11 pm.

    AP reported:
    “Coleman attorney Fritz Knaak and campaign manager Cullen Sheehan said the campaign became aware of a possible security breach in January, but an investigation, which Knaak said involved the U.S. Secret Service, found that no unauthorized party had accessed the confidential information.”

    Jay writes:
    “But that night [Jan. 28], I clicked on it, and I got the chills. There for everyone to see was an Excel spreadsheet of supporters or volunteers. I didn’t look at them all that long.”

    Adria Richards’ documentation of the breach only shows a database.tar.gz file in a db directory, which would suggest a backup file type that would need to be uncompressed to get to the contents, which might typically be a SQL, CSV, or TXT type, although MySQL and PHP functions commonly dump to XLS format as well.

    Adria did NOT download it, Jay admits he did and extracted a file that Excel could view of a database table backup dump, or maybe Jay was given a more convenient link to a file extracted by a staffer or outsider. Either way, Jay’s admission corrobates the Wikileaks assertion.

    Jay, this is a another piece of the smoking gun, validating what IT pros have already concluded—if the directory and files were exposed and if messages and tweets were flying around cyberspace about it, it was certainly downloaded.

    So, who is covering up? Coleman? Feds? Both?

  12. Submitted by John Rice on 03/13/2009 - 03:41 pm.

    Jay Weiner’s declining to act as a pit-bull-anti-Norm person and to go after Mark Drake means his reporting is that much more credible.
    The article is about someone in the Coleman campaign messing up, the campaign’s inadequate response – right through today. And all Coleman can do is sputter political insinuations that lack any credibility. That is a very human story. Even if we do not feel sorry for Norm’s failing political fortunes, which I do not, Jay has evoked the pathos of Coleman’s situtation.

  13. Submitted by Jean Schiebel on 03/13/2009 - 06:31 pm.

    I am so tired of Norm Coleman playing the victim every time he is caught doing something not quite kosher.
    I hope this mess ends soon so Minnesota can gte it’s clean reputtaion back.
    That is if Norm and friends haven’t destroyed it forever.

  14. Submitted by Ross Williams on 03/13/2009 - 10:48 pm.

    “You’re the one who should be feeling sheepish about all this, Jay.”

    I agree.

    “Jay Weiner’s declining to act as a pit-bull-anti-Norm person and to go after Mark Drake means his reporting is that much more credible.”

    That’s nice, except that every one of Norm’s contributors were thereby left in the dark that they had their credit card data compromised. So we have a reporter building his credibility by not reporting important, but embarrassing, information. Its fortunate that silence was only exposed by one of Coleman’s political opponents rather than by a criminal using the data.

    The story of Norm’s mistake pales compared to the apparent willingness of the media to cover up for him.

Leave a Reply