Emails from top officials at the National Republican Congressional Committee were hacked during the 2018 midterm elections, Republican sources tell CNN, exposing the GOP’s House campaign arm to an intrusion by an “unknown entity.”
The hack, which was first reported by Politico, was discovered by a vendor in April after emails from four senior committee aides had been surveilled for months, a Republican official with knowledge of the intrusion tells CNN.
A source familiar with the investigation into the hack told CNN that the attackers would have been able to see all the emails being sent and received by the NRCC aides whose accounts were breached.
The attackers could have signed into those officials’ accounts as if they were the officials themselves, the source said. To do this, the source said the attackers had obtained the passwords belonging to the officials. The source would not say how the attackers obtained the passwords.
The attackers did not have access to other NRCC systems as a result of this breach, the source added.
The revelation of the hack comes weeks after House Republicans lost their majority and saw Democrats pick up close to 40 seats in the House. In a sign of how serious the committee believed the hack to be, they brought on the law firm Covington and Burling to handle the issue, as well as Mercury Public Affairs to deal with the public relations around the intrusion.
After the NRCC was alerted to the hack, top officials then informed CrowdStrike, a Republican official said, the cybersecurity firm that helped Democrats expel the Russians from their computer systems in 2016, and later shared information with the FBI as it investigated the election-season hacks.
Ian Prior, a spokesman for the committee, said Tuesday that they were hacked “by an unknown entity.”
“The NRCC can confirm that it was the victim of a cyber intrusion by an unknown entity,” said Prior. “The cybersecurity of the Committee’s data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter.”
“To protect the integrity of that investigation, the NRCC will offer no further comment on the incident,” he added.
In a statement, CrowdStrike confirmed it had been asked to investigate by the NRCC.
“In April 2018, CrowdStrike was asked by the NRCC to perform an investigation related to unauthorized access to NRCC’s emails. Prior to the incident, CrowdStrike was helping to protect NRCC’s internal corporate network, which was not compromised in this incident,” the company statement read.
The use of hacked material during electoral campaigns has been a focus ever since the 2016 campaign, when emails from the upper echelons of the Clinton campaign were leaked in the closing weeks of the campaign.
The Democratic Congressional Campaign Committee was also hacked in 2016. Kremlin-backed hackers published internal documents stolen from DCCC servers as part of the Russian government’s wide-ranging effort to interfere in the US election and some of those sensitive internal campaign documents were later used in Republican ads.
The heads of the NRCC and the DCCC engaged in prolonged negotiations over not using hacked materials in election ads during the 2018 midterms, but the talks broke down months before Election Day due to an erosion of trust between the parties.
Despite not signing any agreement, the head of the NRCC issued a statement saying the committee had no intention of using hacked material.
“We are not seeking stolen or hacked material, we do not want stolen or hacked material, we have no intention of using stolen or hacked material,” then NRCC chairman Steve Stivers of Ohio said at the time.
The hack of the NRCC could prove awkward for Republicans, given President Donald Trump has mocked his political opponents when they got hacked by foreign actors, and he has praised Republicans for investing in stronger cyber protections.
Shortly after Trump was briefed during the transition by senior US intelligence officials about the hacks at the Democratic National Committee, he gloated in his first comments and said the Republican National Committee was also targeted but “had strong hacking defenses and the hackers were unsuccessful.”