At first what they found was reassuring. Everyone who had been blocked from voting had been offered a provisional ballot, and most had cast their votes that way. But as the investigators dug deeper, things looked less innocuous. In the days after the vote, more people started coming forward to say they’d also had problems with their voter registration on primary day. In at least half a dozen cases, Hestrin and his investigators concluded, the changes had been made by hackers who had used private information, like Social Security or driver’s-license numbers, to access the central voter-registration database for the entire state of California.

There the trail went cold. The California secretary of state’s office told Hestrin’s investigators that the state’s system hadn’t recorded the Internet addresses of the computers that had made the changes, so there was no way to learn the identity of the hackers. Hestrin could go no further, but that wasn’t the end of it. The lingering mystery of the voter-registration changes bred doubt among members of both parties. Local Republicans publicly alleged that Democrats were ignoring the issue and privately accused them of trying to suppress the GOP vote. Democrats thought Republicans were making up an excuse for their losses at the county polls. “That was a big concern,” says Hestrin, an elected Republican. “People should still have faith in our election systems.”

It was only months later that it dawned on investigators in D.C. that undermining voters’ faith may have been the point of the Riverside County hack all along.