Democratic Fund-Raising Group For Congress Candidates Confirms Hack
A committee that raises money for Democratic candidates for the U.S. House of Representatives confirmed on Friday it had been hacked in an intrusion possibly linked to Russian hackers, similar to an earlier breach targeting another Democratic Party group.
In an incident that escalated concerns about the potential for Russian meddling in U.S. politics, Reuters first reported on Thursday that the U.S. Federal Bureau of Investigation is probing the hack at the Democratic Congressional Campaign Committee, or DCCC.
The intrusion took place from at least June 19 to June 27, though it may have been longer, according to analysis conducted by U.S. network security company FireEye.
The committee said in a statement it has hired cyber security firm CrowdStrike to investigate. “We have taken and are continuing to take steps to enhance the security of our network,” the committee said. “We are cooperating with federal law enforcement with respect to their ongoing investigation.”
The DCCC hack may be related to an earlier hack against the Democratic National Committee, which raises money and sets strategy for Democratic candidates nationwide. The DNC and DCCC occupy the same office building in Washington.
Potential links to Russian hackers in both incidents were likely to heighten accusations, so far unproven, that Moscow is trying to meddle in the U.S. presidential election campaign to help Republican nominee Donald Trump.
The Kremlin denied involvement in the DNC cyber attack.
In June, a bogus website was registered with a name resembling a DCCC donation site. For some time, donation-related internet traffic that was supposed to go to a donation-processing firm instead went to the fake site.
The DCCC intrusion may have been used to compromise the computer systems of donors who visited the spoof site, rather than to collect their personal information, said John Hultquist, manager of cyber espionage analysis at FireEye.
Several major Democratic donors contacted by Reuters on Friday said they had not been notified of the hack and were not concerned about their information being accessed.
“I’m less concerned about that than I am about my Amex being hacked,” said John Morgan, 60, a Florida attorney.
Cindy Miscikowski, 68, a California donor, said she would be upset if hackers got her bank information, but otherwise she was not worried because donations are disclosed publicly.
The timeframe of the DCCC hack would place it days after the DNC went public with its breach and said the hackers had been kicked out of its systems.
Sources said the numerical Internet address of the spurious DCCC site resembled one used by a Russian government-linked hacking group, one of two suspected in the DNC breach.
Rich Barger, co-founder of security intelligence firm ThreatConnect Inc, said his analysis of the fake donation site tied it to the group linked to Russian military intelligence.
He said the web domain name was set up through a service that accepts bitcoin, with a contact email address that had been used to set up websites involved in a major German hack, which also was attributed to the Russian group.
Cyber experts and U.S. officials said this week there was evidence that Russia engineered the DNC hack to release sensitive party emails and influence U.S. politics.
The DNC hack raised concerns among Democrats at the party’s convention in Philadelphia, where Hillary Clinton was nominated as the party’s candidate in the Nov. 8 presidential election.
The new hack at the DCCC could add pressure on the Obama administration to make a public accusation or retaliate. The Justice Department and other agencies have said it is important for deterrence to “name and shame” cyber adversaries.
“Any efforts on a nation state’s part to interfere with U.S. politics through cyber attacks would appear to cross a line that would demand a response from the U.S. government,” said D.J. Rosenthal, a former Justice Department and National Security Council official.
A former White House official, speaking on condition of anonymity, said any formal accusation would require overwhelmingly certain evidence.
Staffers for the Republican National Committee and the Democratic Senatorial Campaign Committee said separately that those campaign organizing groups had not been hacked.
(Additional reporting by Emily Stephenson and Susan Cornwell in Washington, Grant Smith in New York and Joseph Menn in San Francisco; Editing by Frances Kerry, Jonathan Oatis and Bill Rigby)