Image: U.S. Democratic presidential candidate Hillary Clinton looks at a computer screen during a campaign stop at Atomic Object company in Grand Rapids, Michigan, U.S. March 7, 2016. REUTERS/Carlos Barria/File Photo
By Mark Hosenball, Joseph Menn and John Walcott
WASHINGTON/SAN FRANCISCO (Reuters) – A computer network used by Democratic presidential nominee Hillary Clinton’s campaign was hacked as part of a broad cyber attack on Democratic political organizations, people familiar with the matter told Reuters.
The latest attack, which was disclosed to Reuters on Friday, follows two other hacks on the Democratic National Committee, or DNC, and the party’s fundraising committee for candidates for the U.S. House of Representatives.
A Clinton campaign spokesman said in a statement late on Friday that an analytics data program maintained by the DNC and used by the campaign and a number of other entities “was accessed as part of the DNC hack.”
“Our campaign computer system has been under review by outside cyber security experts. To date, they have found no evidence that our internal systems have been compromised,” said Clinton campaign spokesman Nick Merrill.
Later, a campaign official said hackers had access to the analytics program’s server for approximately five days. The analytics data program is one of many systems the campaign accesses to conduct voter analysis, and does not include social security numbers or credit card numbers, the official said.
The U.S. Department of Justice national security division is investigating whether cyber attacks on Democratic political organizations threatened U.S. security, sources familiar with the matter said on Friday.
The involvement of the Justice Department’s national security division is a sign that the Obama administration has concluded that the hacking was sponsored by a state, people with knowledge of the investigation said.
While it is unclear exactly what material the hackers may have gained access to, the third such attack on sensitive Democratic targets disclosed in the last six weeks has caused alarm in the party and beyond, just over three months before the Nov. 8 U.S. presidential election.
Hackers, whom U.S. intelligence officials have concluded were Russian, gained access to the entire network of the fundraising Democratic Congressional Campaign Committee, or DCCC, said people familiar with the matter, detailing the extent of the breach to Reuters for the first time.
Cyber security experts and U.S. officials said earlier this week they had concluded, based on analysis of malware and other aspects of the DNC hack, that Russia engineered the release of hacked Democratic Party emails to influence the U.S. presidential election.
The U.S. Federal Bureau of Investigation said on Friday it was “aware of media reporting on cyber intrusions involving multiple political entities, and is working to determine the accuracy, nature and scope of these matters.”
“The FBI takes seriously any allegations of intrusions, and we will continue to hold accountable those who pose a threat in cyberspace,” the agency said in an emailed statement.
The hack did not involve the private email system Clinton used while she was secretary of state.
Yahoo News reported on Thursday night that the FBI had warned the Clinton campaign last March that it was a target of a cyber attack involving spearphishing and had asked the campaign to turn over sensitive data to help in its investigation, but that campaign lawyers rejected this request as too intrusive. A source familiar with the matter confirmed this account to Reuters.
The new disclosure to Reuters that hackers gained access to the full DCCC network means they would have had access to everything on the network from emails to strategy memos and opposition research prepared to support Democratic candidates in campaigns for the House.
The hack of the DCCC, which is based in Washington, was reported first by Reuters on Thursday, ahead of Clinton’s speech in Philadelphia accepting the Democratic party’s nomination.
Russian officials could not be immediately reached for comment.
Several U.S. officials said the Obama administration has avoided publicly attributing the attacks to Russia as that might undermine Secretary of State John Kerry’s effort to win Russian cooperation in the war on Islamic State in Syria.
The officials said the administration fears Russian President Vladimir Putin might respond to a public move by escalating cyber attacks on U.S. targets, increasing military harassment of U.S. and allied aircraft and warships in the Baltic and Black Seas, and making more aggressive moves in Eastern Europe.
Some officials question the approach, arguing that responding more forcefully to Russia would be more effective than remaining silent.
The Obama administration announced in an April 2015 executive order that it could apply economic sanctions in response to cyber attacks.
TRUMP ON EMAILS
The hack on the DNC, made public in June, led to WikiLeaks publishing more than 19,000 emails last weekend, some of them showing favoritism within the DNC for Clinton over U.S. Senator Bernie Sanders of Vermont. DNC Chairwoman Debbie Wasserman Schultz resigned on Sunday as a result, creating a rocky start for the party’s convention in Philadelphia this week.
Republican presidential nominee Donald Trump on Wednesday invited Russia to dig up thousands of “missing” emails from Clinton’s time at the State Department, prompting Democrats to accuse him of urging foreigners to spy on Americans.
On Thursday, Trump said his remarks were meant as sarcasm.
Earlier in the week, Clinton campaign senior policy adviser Jake Sullivan had criticized Trump and called the hacking “a national security issue.”
Trump campaign spokesman Jason Miller said on Friday the reported breach showed cyber security is “a problem wherever Hillary Clinton goes. Hopefully this time there wasn’t classified or top secret information that puts American lives at risk.”
In Washington, the DCCC said early on Friday it had hired cyber security firm CrowdStrike to investigate. “We have taken and are continuing to take steps to enhance the security of our network,” the DCCC said. “We are cooperating with federal law enforcement with respect to their ongoing investigation.”
The DCCC had no additional comment late on Friday. Officials at the DNC did not respond to requests for comment.
Senator Dianne Feinstein, a California Democrat and the top Democrat on the Senate intelligence committee, told CNN on Friday she had not heard about the hack of the Clinton campaign.
But she said: “It wouldn’t surprise me. I think it should be pretty clear that both campaigns should be aware that there’s a problem out there. Everybody should be cautious.”
(Additional reporting by Dustin Volz, Susan Cornwell and Emily Stephenson in Washington, Grant Smith in New York and Amanda Becker in Hatfield, Pennsylvania; Editing by Kevin Drawbaugh, Bill Rigby and Mary Milliken)
Copyright 2016 Thomson Reuters. Click for Restrictions.