WASHINGTON — The National Republican Congressional Committee said Tuesday that it was hit with a “cyber intrusion” during the 2018 midterm campaigns and has reported the breach to the FBI.
The committee provided few details about the incident, but said the intrusion was conducted by an “unknown entity.”
“The cybersecurity of the committee’s data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter,” spokesman Ian Prior said in a statement. “To protect the integrity of that investigation, the NRCC will offer no further comment on the incident.”
The FBI did not immediately respond to a request for comment. Politico first reported the cyberbreach.
The severity and circumstances of the hacking weren’t made clear. Politically motivated cyberespionage is commonplace across the world, but Americans have become particularly alert to the possibility of digital interference following the 2016 election. That hack is still fresh in the minds of many political operatives.
In March 2018, NRCC Chairman Steve Stivers said the committee hired multiple cybersecurity staffers to work with its candidates and promised to do more.
“We’re starting to advise campaigns, but we’re not ready to roll the whole thing out. We’re working on it,” Stivers said at the time. “We’re working on the technology-based stuff to try and make sure that we know what’s out there — which is hard, too — and then we try to defend against it the best we can.”
In August, Microsoft alerted the public to attempts by government-backed Russian hackers to target U.S. conservatives’ email by creating fake websites that appeared to belong a pair of think tanks, the Hudson Institute and International Republican Institute. It also confirmed an attempt similarly attributed to Russian hackers to infiltrate the Senate computer network of Sen. Claire McCaskill, the Missouri Democrat who lost a re-election bid in November.
Google later confirmed in September that the personal Gmail accounts of multiple senators and staffers had recently been targeted by foreign hackers, though it did not specify the cyberspies’ nationality nor the party affiliations of the targets.
During the 2016 presidential campaign, Russian state-aligned hackers organized the leak of more than 150,000 emails stolen from more than a dozen Democrats. The FBI later said that the Russians had targeted more than 300 people affiliated with the Hillary Clinton campaign and other Democratic institutions over the course of the presidential contest.
During the 2016 presidential election, WikiLeaks’ released hacked material damaging to Hillary Clinton’s presidential effort, and U.S. intelligence agencies have said Russia was the source of that hacked material. Special counsel Robert Mueller is now investigating Russian interference in the 2016 presidential election, possible Russian ties to Donald Trump’s presidential campaign and whether anyone had had advance knowledge of WikiLeaks’ plans.
Democratic lawmakers saw their cellphone numbers splashed online and voting databases for all 50 states had some type of intrusion attempt, although only a few were compromised. That included Illinois, where records on 90,000 voters had been downloaded. There was no evidence any votes were altered.
Election systems are constantly under fire from efforts to steal sensitive data, disrupt services and undermine voter confidence.
Federal officials said after the midterms this year there had been no obvious voting system compromises — which appeared to remain the case, despite the hacking effort. There had been a major push since the midterms to shore up defenses against potential cyber intrusions, but most states remained highly vulnerable.