Former Senate IT intern admits to doxing US senators on Twitter and Wikipedia

Staffer enraged by Kavanaugh hearing admits to doxing Republican senators.

Senate building

A former Senate IT intern pleaded guilty last week to stealing the personal information of five US senators and posting the data online in a tactic known as doxing.

The former intern, Jackson Cosko, 27, of Washington, D.C., posted the stolen personal data online during the September 27 Senate Judiciary Committee hearings of Supreme Court nominee Brett Kavanaugh, the infamous hearing when judge Kavanaugh faced Dr. Christine Blasey Ford about allegations of sexual assault.

Data like home addresses, personal cell phone numbers, and office numbers were posted on the Wikipedia pages of Republican senators Mike Lee (R-Utah), Lindsey Graham (R-South Carolina), and Orin Hatch (R-Utah), all three members of the Senate Judiciary Committee that was interviewing judge Kavanaugh at the time. The data was posted live, during the Senate hearing.

Details for two other senators --Mitch McConnell (R-Kentucky) and Rand Paul (R-Kentucky)--were later posted on their Wikipedia pages and on Twitter.

Besides posting personal information on these senators' Wikipedia pages, he also defaced some by leaving cryptic or non-sensical messages.

Senator Wikipedia defacement

Cosko arrested after being caught in the act

Capitol Police were notified of the doxing; however, the investigation didn't go anywhere until October 2, the next week, when two witnesses came forward.

The two, both working in the office of Senator Maggie Hassan (D-New Hampshire) said they spotted and confronted Cosko about breaking into their senator's office on several ocassions, including that day, where they found him using one of the password-protected computers.

Hassan, who served as an IT systems administrator for Hassan's office until May 2018, when he was fired, is believed to have used his previous access to the computers to install keyloggers that logged credentials.

With this revelation in hand, investigators later traced the doxings back to the IP addresses used by Cosko, and the MAC addresses of his devices.

At the time, Cosko was working on an another intern position for Rep. Sheila Jackson Lee (D-Texas). He was fired following his arrest.

Cosko also threatened witnesses

According to court documents obtained by ZDNet, Cosko obtained the personal data of the senators he doxed after gaining illegal access to Hassan's office computers multiple times between July 2018 and October 2018.

In his plea deal, Cosko also admitted that he tried to hide some of the evidence of his illegal access, and also threatened one of the witnesses.

"I own EVERYTHING," Cosko wrote in an email he sent to one of the witnesses. "If you tell anyone I will leak it all. Emails signal conversations gmails. Senators children's health information and socials."

Cosko will be sentenced on June 13. He faces up to 57 months in prison.

Related malware and cybercrime coverage: