NRCC email breach confirmed eight months later

NRCC email breach confirmed eight months later

The National Republican Congressional Committee experienced an email breach in April, but little is known about the incident.A new report -- confirmed

One small step forward, one giant leap back
Microsoft Provides Guidance on Mitigating DDE Attacks
Enterprises should reconsider SMS-based 2FA use after breach

The National Republican Congressional Committee experienced an email breach in April, but little is known about the incident.

A new report — confirmed by committee officials — said that four senior aides had their NRCC email accounts hacked. The incident was detected in April, but the NRCC email accounts were compromised for several months, according to Politico.

Both the FBI and Crowdstrike were asked to investigate the NRCC email breach. Crowdstrike also notably investigated the Democratic National Committee email breach from 2016.

“In April 2018, CrowdStrike was asked by the NRCC to perform an investigation related to unauthorized access to NRCC’s emails,” the spokesperson said. “Prior to the incident, CrowdStrike was helping to protect NRCC’s internal corporate network, which was not compromised in this incident.”

However, despite the investigation, many House Republicans — including senior officials — were not informed of the NRCC email breach until after Politico began investigating the incident.

The NRCC did not respond to SearchSecurity’s requests for comment at the time of this post, and a spokesperson for the Committee refused to offer details about the breach to Politico, claiming it might interfere with the investigation.

The NRCC email hack compromised thousands of messages, but committee officials claim there have been no threats to leak the information. Even so, the NRCC hired two prominent law firms to “oversee the response to the hack.”

The NRCC email breach is the latest in a string of cyberattacks and data exposures involving political organizations. The Democratic National Committee and members of Hillary Clinton’s campaign had emails stolen during the 2016 election cycle. Last year, the Republican National Committee misconfigured cloud storage and exposed data on nearly 200 million voters.

Go to Source

COMMENTS