U.S. Republican campaign emails hacked months before election

By Ginger Gibson, Christopher Bing and Jim Finkle
Silhouettes of laptop users are seen next to a screen projection of binary code are seen in this picture illustration taken March 28, 2018. REUTERS/Dado Ruvic/Illustration/Files

By Ginger Gibson, Christopher Bing and Jim Finkle

WASHINGTON/NEW YORK (Reuters) - Email accounts for a campaign group supporting Republicans candidates running for the U.S. House of Representatives were hacked before this year's congressional elections, according to a person familiar with the investigation.

Hackers used National Republican Congressional Committee credentials to access a "small number" of email accounts at the organisation, which is also known as the NRCC, said the person, who was not authorized to discuss details of the attack.

NRCC spokesman Ian Prior confirmed the group was the victim of a cyberattack by an unknown party, but disputed that stolen passwords were used.

"Upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter," Prior said.

The NRCC changed the passwords at its web-based email provider and took steps to prevent similar attacks, said the person, who did not name the email provider.

The hackers used techniques that make them difficult to identify and officials have yet to determine whether they were aligned with a foreign government, said a second person familiar with the case.

Cybersecurity firm CrowdStrike said in a statement that the NRCC asked it in April to investigate "unauthorised access" to the group's emails.

The NRCC had previous hired CrowdStrike to protect the NRCC’s internal corporate network, which was not compromised in the incident, the company said.

The news was first reported by Politico, which said the NRCC learned about the attack from a vendor who alerted the committee and its cybersecurity contractor.

Senior Republican House leaders, including Speaker Paul Ryan and Majority Leader Kevin McCarthy, were not informed, however, until contacted by the news site, Politico said.

An FBI spokeswoman declined comment.

A senior U.S. Department of Homeland Security official told Reuters on Tuesday the agency had not been informed by the NRCC or FBI of such an attack.

During the most recent election cycle, the NRCC raised more than $174 million and spent most of the cash on advertisements trying to help Republicans in difficult races.

Concerns about campaign security have heightened since U.S. intelligence agencies concluded last year that Russia orchestrated the hacking of Democratic officials to meddle with the 2016 presidential election.

Special Counsel Robert Mueller is investigating Russia’s alleged 2016 election meddling, which Moscow denies.



(Reporting by Ginger Gibson and Chris Bing in Washington and Jim Finkle in New York; Editing by Lisa Shumaker and Peter Cooney)