NRCC officials hacked during 2018 election

The House GOP's campaign arm informed the FBI of the breach, but chose not to disclose it to senior GOP leaders.
Written by Stephanie Condon, Senior Writer

The National Republican Congressional Committee (NRCC) said Tuesday that it was the victim of a cyber intrusion during the 2018 campaign season. As first reported by Politico, the email accounts of four senior aides at the orgnanization were surveilled for several months.

"The NRCC can confirm that it was the victim of a cyber intrusion by an unknown entity," Ian Prior, a spokesman for the NRCC, said in a statement to ZDNet's sister site CNET. "The cybersecurity of the Committee's data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter."

Also: Election hacking: getting the words right

The NRCC, which serves as the campaign arm for the House GOP, first learned of the breach in April from a managed security services provider. The NRCC alerted Crowdstrike, the cybersecurity firm that led the investigation into the 2016 hack of the Democratic National Committee.

However, according to Politico, the NRCC chose not to disclose it to top House GOP leaders. The rank-and-file members were also kept in the dark. Meanwhile, in the run-up to the November elections, the GOP continued to slam Democrats for their handling of cybersecurity.

Unnamed party officials told Politico that they believe a foreign agent was behind the attack. The NRCC has declined to say when the surveillance began. However, party officials told Politico that no donor information was compromised, nor has any of the accessed information appeared in public.

Also: US midterm elections: Microsoft thwarts Fancy Bear hacking threat

After the DNC was hacked in 2016, more than 19,000 confidential emails and files were leaked via WikiLeaks. Former FBI director James Comey said during congressional testimony last year he had "no doubt" the Russian government was behind the DNC hack. In July of this year, the Justice Department indicted 12 Russian hackers for the attack.

See inside an Amazon fulfillment center where many of the workers don't get paid

Previous and related coverage:

Majority of county election websites in 20 key swing states use non-.gov domains

Many county election websites also found to be lacking HTTPS support.

Project Lakhta: Russian national charged with US election meddling

The Russian citizen allegedly played a key role in the spread of fake news and trolling across social media networks.

No Russian interference yet in US midterm elections: FireEye

Influence operations by Russia's Internet Research Agency are becoming more sophisticated, but so far there have not been any hack-and-leak operations or attacks on election infrastructure seen in 2016, according to FireEye.

Editorial standards