As a report surfaced July 29 that the campaign of presidential nominee Hillary Clinton was hacked, the Democratic Congressional Campaign Committee confirmed that it was breached shortly after the Democratic National Committee announced that it, too, had been hacked.
See Also: From Authentication to Advanced Attack Vectors: Top Trends in Cybercrime in Q1 2016
The Clinton campaign said that intruders had gained access to an analytics program used by the campaign and maintained by the Democratic National Committee, but it said that it did not believe that the campaign's own internal computer systems had been compromised, according to the New York Times.
News service Reuters, citing people familiar with the matter, reported that Clinton's campaign was hacked as part of a broad cyberattack on Democratic Party institutions. The New York Times reported the Clinton campaign hack appears to have originated from Russia's intelligence services.
The U.S. Department of Justice national security division is investigating whether the attacks on Democratic political organizations threatened U.S. security, sources familiar with the matter said, Reuters reports. The involvement of the Justice Department's national security division is a sign that the Obama administration has concluded that the hacking was state sponsored, individuals with knowledge of the investigation told the news service.
Meanwhile, DCCC spokeswoman Meredith Kelly said in a statement issued July 29 confirming its breach: "Based on the information we have to date, we've been advised by investigators that this is similar to other recent incidents, including the DNC breach. We are cooperating with the federal law enforcement with respect to their ongoing investigation."
Broad Attack on Democrats?
The breach at the DCCC, which raises money for Democratic House candidates, may have been launched by Russian hackers who also attacked Democratic National Committee, according to several news reports, quoting unnamed sources. The Washington Post reports that the FBI is treating the DNC and DCC breaches as a single investigation.
At a White House briefing held after the revelation of the DCCC breach but before word of the Clinton campaign hack, White House Deputy Press Secretary Eric Schultz said of the investigations of the DNC and DCCC attacks: "So if there are connected events that they would look at, that would be part of their investigation. Obviously, we expect that investigation to be thorough and deliberate and look at all the facts ... and to where they lead."
But Schultz would not say whether Russians were behind the attacks. "There's sort of a usual list of suspects when it comes to malicious cyber activity, so they're looking at those suspects," he said. "But at this point, they don't have any public confirmation to announce at this time."
Cybersecurity firm FireEye compiled a report on the DCCC hack that claims a Russia-based hacking group called APT 28 is the likely culprit, according to the website Morning Consult. Hackers targeted information on DCCC donors, FireEye claims.
Report: Hackers Redirected Traffic to Fake Website
The FireEye investigation revealed that the hackers created a website called Act Blues, which is similar to the DCCC's Act Blue domain, redirecting traffic to the fake one, CNBC reports. The hackers didn't steal money but might have collected information on donors for future illicit use. The hack lasted from at least June 19 to June 27, according to FireEye.
The FBI is trying to determine whether emails obtained in the DNC hack are the same ones that were leaked on the website of the anti-secrecy group WikiLeaks, the Washington Post reports. The DNC's leaked emails, which allegedly show bias by committee officials against unsuccessful presidential candidate Bernie Sanders, forced the resignation of DNC Chairwoman Debbie Wasserman Schultz (see Leaked DNC Emails Show Lax Cybersecurity).
A spokesman for Russia's embassy in Washington denied Russian involvement in the DNS and DCC hacks, according to several news media reports.