- The breach reportedly saw the attackers steal thousands of sensitive emails.
- The hackers reportedly spied on the email accounts of four senior NRCC aides for months.
The National Republican Congressional Committee (NRCC) reportedly suffered a major data breach during the 2018 midterm election, which was hushed up. On 4th December, Ian Prior, Vice President at the public relations firm hired by the NRCC to investigate the breach, confimed the breach, adding that the FBI was investigating the hack.
Prior also confirmed the breach in an email to the Hill. He added that NRCC will refrain from commenting on the incident to protect the integrity of the investigation. However, according to a report by Politico, the organization discovered the attack early on but refrained from informing top Republican officials about the breach.
The breach reportedly saw the attackers steal thousands of sensitive emails. The hackers reportedly spied on the email accounts of four senior NRCC aides for months.
When was the hack first discovered?
- According to Politico, which first reported about the breach, the NRCC was first alerted about the breach in April by a security services provider that monitors the NRCC’s network. At the time four senior committee aides had been surveilled by the attackers for months.
- The NRCC alerted Crowdstrike, the cybersecurity firm that investigated the 2016 Democratic National Committee hack. However, the organization chose not to disclose the intrusion to the leading House Republicans. Senior House Republican Paul Ryan and majority leader Mitch McCarthy were allegedly unaware of the breach until Politico questioned the NRCC.
Who hacked the NRCC?
The identity of the cybercriminals behind the hack is currently unknown. However, party officials suspect a foreign agent to be responsible for the intrusion, Politico reported.
Party officials told Politico that none of the data accessed by the hackers was exposed publicly, nor did anyone threaten to expose the information. Meanwhile, the NRCC has hired Covington & Burling and Mercury Public Affairs to investigate the breach and has reportedly implemented protective measures to safeguard its data from such attacks in the future.