Thousands of emails from top Republicans were stolen during the 2018 midterm election in a major hack.
Email accounts from four top aides at the National Republican Congressional Committee were hacked and surveilled for several months. The hack was first detected in April by an MSSP, a managed security services provider that monitors the NRCC’s network; the FBI was then alerted.
The origin of the attack is unknown at this time, however; they believe it was a foreign agent.
None of the stolen emails were made public and the NRCC says donor information was not compromised.
The House GOP campaign arm suffered a major hack during the 2018 election, exposing thousands of sensitive emails to an outside intruder, according to three senior party officials.
The email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months, the party officials said. The intrusion was detected in April by an NRCC vendor, who alerted the committee and its cybersecurity contractor. An internal investigation was initiated and the FBI was alerted to the attack, said the officials, who requested anonymity to discuss the incident.
However, senior House Republicans — including Speaker Paul Ryan (R-Wis.), House Majority Leader Kevin McCarthy (R-Calif.) and Majority Whip Steve Scalise (R-La.) — were not informed of the hack until POLITICO contacted the NRCC on Monday with questions about the episode. Rank-and-file House Republicans were not told, either.
The NRCC confirmed in a statement they were the victim of a hack
“The NRCC can confirm that it was the victim of a cyber intrusion by an unknown entity. The cybersecurity of the Committee’s data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter. To protect the integrity of that investigation, the NRCC will offer no further comment on the incident,” said Ian Prior, a vice president at Mercury.
NRCC: NRCC can confirm that it was the victim of a cyber intrusion by an unknown entity. The cybersecurity of the Cmte’s data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating
— Chad Pergram (@ChadPergram) December 4, 2018