The 11-Year-Old Who Hacked an Election and Then Built a Movement for Girls
DEF CON 26 in Las Vegas. Thousands of elite security professionals filled the dimly lit halls. An 11-year-old girl in a t-shirt reading “Time for hacking to be done” sat down at a computer. Her target: a replica state election website.
Minutes later, she executed an SQL injection attack. She gained administrative access. She began changing vote tallies. She rewrote the results, deleting candidates and altering the “future” of a simulated democracy.
The hacker was Bianca Lewis, known online as BiaSciLab. The exploit grabbed headlines. A U.S. Congressional hearing on election security cited her work. For Lewis, this was more than a stunt. This was the spark for a career dedicated to fixing the systems she broke and bringing a new generation of girls along with her.
The Exploit: “It Was Scary Easy”
Lewis’s breakout moment occurred in 2018 at the r00tz Asylum, a dedicated educational space for kids within the massive DEF CON hacking conference. The event featured the Voting Village, where security researchers dissected voting machines and election infrastructure to find vulnerabilities.
Lewis targeted a replica of the Florida Secretary of State’s election reporting website. The system reported vote totals to the public. Security flaws riddled the system. Lewis inputted a specific string of code into the site’s database interface. She exploited a vulnerability known as SQL injection.
“I removed Trump. I erased every single vote for him,” she told reporters at the time.
A pre-teen manipulated what the public saw as election results. The ease of this hack sent shockwaves through the election security community. Voting machines themselves are air-gapped, disconnected from the internet. The reporting infrastructure informing the public is often vulnerable to manipulation. This manipulation causes chaos and distrust on election night.
Taking Action: Secure Open Vote
Lewis didn’t stop at pointing out the problem. Current election infrastructure was often proprietary, outdated, and insecure. She launched Secure Open Vote.
The project is an ambitious attempt to design a free, open-source, end-to-end election system. Lewis’s philosophy aligns with the core hacker ethos: if you don’t own the code, you don’t own the system. For democracy to be trusted, the code running democracy must be transparent. Anyone should audit the code, not hide the code inside “black box” machines owned by private vendors.
Girls Who Hack: Demystifying the “Elite Club”
Lewis’s most significant impact has been cultural rather than technical. She was often the only girl in the room at tech events. She noticed cybersecurity felt like an “exclusive elite club.” Intimidating. Male-dominated. Unwelcoming to beginners.
She founded Girls Who Hack, an organization dedicated to teaching girls hacking skills so they “change the future.”
The Mission:
Breaking Barriers: The program shows girls hacking isn’t for “geniuses in hoodies.” Hacking is a learnable skill.
Peer-to-Peer Learning: Lewis teaches many workshops herself. She believes girls are more likely to learn from a peer who explains concepts “as a friend” rather than an adult expert using jargon.
Curriculum: The workshops cover real-world skills. Web hacking. Python programming. Hardware tinkering. Capture-the-flag (CTF) competitions.
“Women aren’t taken as seriously in the cybersecurity field,” Lewis noted in an interview. Her goal: normalize the presence of women in the industry starting at the middle-school level. She creates a pipeline of talent, confident and community-oriented.
A Voice for the Next Generation
Lewis is now a seasoned speaker at age 17 (as of late 2024). She has keynoted major conferences like H.O.P.E., DEF CON’s Bio Hacking Village, and Sunshine CyberCon. Her message has evolved from technical exploits to advocacy for diversity. She emphasizes cybersecurity needs neurodiverse thinkers, different backgrounds, and specifically more women to solve the complex problems of the future.
Her journey from a curious kid with a soldering iron to a CEO and industry advocate proves a lesson: You are never too young to break things. Or to fix them.
Key Takeaways for the Industry
Vulnerability affects everyone: If an 11-year-old finds a flaw, nation-state actors will find the same flaw.
Representation matters: Girls Who Hack succeeds because the program provides a safe, relatable entry point for underrepresented groups.
Open Source Security: Projects like Secure Open Vote highlight the growing demand for transparency in critical infrastructure.
