Republican Campaign Committee Hack, Sensitive Emails Stolen

Thousands of sensitive emails have reportedly been stolen in a hack that impacted a Republican House campaign committee amid the 2018 midterm elections race. The hack came to light through an exclusive report filed by Politico on December 4; the report says, “The House GOP campaign arm suffered a major hack during the 2018 midterm campaigns, exposing thousands of sensitive emails to an outside intruder, according to three senior party officials.”

The hackers had targeted four email accounts, which they continued monitoring for many months. It was in April that the hack was detected. An investigation has also been initiated.

The Politico report adds, “The email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months, the party officials said. The intrusion was detected in April by an NRCC vendor, who alerted the committee and its cybersecurity contractor. An internal investigation was initiated, and the FBI was alerted to the attack, said the officials, who requested anonymity to discuss the incident.”

It was only after Politico contacted the NRCC with questions about the incident that senior House Republicans (including Speaker Paul Ryan of Wisconsin, Majority Leader Kevin McCarthy of California and Majority Whip Steve Scalise of Louisiana) were informed of the hack Rank-and-file House Republicans were also in the dark about the incident.

The NRCC reportedly has declined to give out further details; committee officials want to withhold detailed information about the hack since they feel that divulging details could affect their investigation and their efforts to find the culprits.

Though nothing is yet known about the identity of the hackers, it’s supposed that foreign hands are involved. The Politico report states, “Party officials would not say when the hack began or who was behind it, although they privately believe it was a foreign agent because of the nature of the attack.”

The FBI reportedly has declined to comment on the whole episode. Meanwhile, reports say that donor information hasn’t been compromised and none of the stolen emails have appeared online.

“None of the information accessed during the hack — thousands of emails from senior NRCC aides — has appeared in public, party officials said. And they said there were no attempts to threaten the NRCC or its leadership during the campaign with exposure of the information,”- reads the Politico report.

An MSSP monitoring the NRCC’s network was the first to detect the hack. NRCC officials were immediately informed and they alerted cybersecurity firm Crowdstrike, which had already been retained by the NRCC. Reports also point out that the NRCC did have security procedures in place and had also employed a full-time cybersecurity employee, as part of its endeavors to combat hacking and exposure of information.

The Politico report observes, “Cybersecurity remains a pressing concern for politicians and political committees, heightened by the high-profile Russian hacking of the Democratic National Committee and Hillary Clinton campaign chief John Podesta during the 2016 election cycle. It’s not clear, however, what the NRCC could have done to avoid this intrusion.”

The hack is no doubt embarrassing for the NRCC, which focuses on helping congressional Republicans win elections and also gets involved in fundraising.