clock menu more-arrow no yes

Filed under:

DNC stopped hack attempt of voter file

The Democratic National Convention in Philadelphia in 2016. What the Democratic Party first thought was a malicious attempt to hack the party's massive voter information file turned out to be just a security test. | AP file photo

CHICAGO — The Democratic National Committee said Wednesday that it has thwarted a hacking attempt on its database holding information on tens of millions of voters across the country.

A party official said DNC contractors notified the party Tuesday of an apparent hacking attempt. The committee notified federal law enforcement. The official said no information was compromised and added that it’s unclear which third party had attempted the hack.

The FBI did not immediately respond to a request for comment.

Bob Lord, the DNC’s chief security officer, briefed the leaders of state parties on the attempt at a party gathering Wednesday morning in Chicago. The DNC distributes the voter file to state parties for Democratic candidates to use the information to target voters during campaigns.

“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks,” Lord said in a statement. He said President Donald Trump isn’t doing enough to protect American democracy.

“We can’t do this alone,” he said. “We need the administration to take more aggressive steps to protect our voting systems.”

The hacking attempt comes as Democrats gather for their summer meeting. The party’s cybersecurity has been an issue since the 2016 presidential election, when hackers identified as Russian by U.S. intelligence agencies compromised DNC servers and publicly revealed internal communications that exploited divisions between Bernie Sanders’ and Hillary Clinton’s campaigns as the two candidates vied for the Democratic presidential nomination. Hackers also accessed the email accounts of Clinton’s campaign chairman, John Podesta, and systematically released the contents throughout the fall campaign.

In Tuesday’s incident, a scanning tool deployed by the San Francisco security company Lookout detected a masquerading website designed to harvest the passwords of users of the login page of NGP VAN, a technology provider used by the Democrats and other liberal-leaning political organizations, the company said in a statement.

Lookout investigated and notified the company hosting the website, DigitalOcean, which took it down within hours, and Lookout’s vice president of security intelligence, Mike Murray, reached out to the DNC and NGP VAN to begin the investigation, the company said.

Murray, incidentally, was a tech volunteer in 2016, when he helped the Democratic leadership fight off hacking attempts later determined by U.S. investigators to be from Russian military agents.

NGP VAN was one target of the 2016 Russian hacking onslaught against Democratic political staffers, according to data provided to The Associated Press last year by cybersecurity firm Secureworks

Trump, a Republican, has mocked the DNC’s cybersecurity and cast doubt on intelligence findings that Russia was involved.

Associated Press writers Frank Bajak in Boston and Mike Balsamo in Los Angeles contributed to this report.

RELATED: Microsoft discovers more Russian hacking ahead of midterms