WASHINGTON (AP) — If the FBI discovers that foreign hackers have infiltrated the networks of your county election office, you may not find out about it until after voting is over. And your governor and other state officials may be kept in the dark, too. There’s no federal law compelling state and local governments to share information when an electoral system is hacked. And a federal policy keeps details secret by shielding the identity of all cyber victims regardless of whether election systems are involved.

Election officials are in a difficult spot: If someone else’s voting system is targeted, they want to know exactly what happened so they can protect their own system. Yet when their own systems are targeted, they may be cautious about disclosing details. They must balance the need for openness with worries over undermining any criminal investigation. And they want to avoid chaos or confusion, the kind of disruption that hackers want.

The secrecy surrounding foreign hacks is not a hypothetical issue. The public still doesn’t know which Florida counties were breached by Russian agents in the 2016 election. Rick Scott, Florida’s governor in 2016 and now a U.S. senator, was not told at the time and didn’t learn most of the details until this year. And the threat to electoral systems is real. Federal officials believe Russian agents in 2016 searched for vulnerabilities within election systems in all 50 states. And the nation’s intelligence chiefs warn that Russia and other nations remain interested in interfering in U.S. elections.

Meanwhile, experts worry the White House hasn’t highlighted the threat as President Donald Trump argues it’s OK for foreign countries to provide damaging information on his political rivals, a matter now the subject of an impeachment inquiry led by House Democrats. In general, it’s up to electoral agencies to disclose when they’ve been hacked. That, plus the federal policy protecting the identity of cyber victims, could mean that state election officials might not be told immediately if one of their local election offices experiences a breach. In addition, the whole situation could be considered classified as part of a federal investigation.

At least two states — Colorado and Iowa — have implemented policies to compel local officials to notify the state about suspected breaches involving election systems. Due to the criminal nature of cyber breaches, law enforcement officials may seek to withhold releasing certain information long after the incident. In June, a majority of Americans expressed at least some concern that voting systems are vulnerable to hackers, according to a poll from The Associated Press-NORC Center for Public Affairs Research. Yet election officials want to ensure they have a good understanding of what happened before going public so they don’t contribute to the confusion that the hackers may be trying to achieve.

Cyber intrusions are inherently complicated, taking time to understand and contain. There is also a concern of inadvertently releasing information that could invite further compromises or undermine an investigation. Matt Dietrich, spokesman for the Illinois State Board of Elections, said it would be hard to imagine that any election office would seek to keep something like that quiet today. “In 2016, it was a story and then it was dealt with and then it kind of went away for a year,” Dietrich said. “That is not going to happen this time. It will be a national and a worldwide story. We all know this. We all know we are going to be under the microscope.”