NRCC Hacked During 2018 Midterms, Emails Stolen

Party officials express concern culprit may be foreign agent

Rep. Kevin McCarthy / Getty Images
December 4, 2018

The National Republican Congressional Committee suffered a major hack earlier this year, according to three senior party officials, raising concerns the intrusion may have been orchestrated by a foreign agent.

Thousands of of sensitive emails were exposed to an outside intruder, reported Politico, who spoke to the officials on condition of anonymity. The emails of four senior aides were being monitored for months, an intrusion that was detected in April by an NRCC vendor, who told the committee and its cybersecurity contractor.

The committee conducted an internal investigation and alerted the FBI, but senior House Republicans like House Speaker Paul Ryan (R., Wis.), House Majority Leader Kevin McCarthy (R., Calif.) and Majority Whip Steve Scalise (R., La.), did not know about the hack until Politico reached out for a comment on Monday.

Committee officials said they decided to withhold the information because they were intent on conducting their own investigation, and feared that revealing the hack would compromise efforts to find the culprit.

"We don't want to get into details about what was taken because it's an ongoing investigation," said a senior party official. "Let's say they had access to four active accounts. I think you can draw from that."

The hack became a major source of consternation within the committee as the midterm election unfolded. The NRCC brought on the prominent Washington law firm Covington and Burling as well as Mercury Public Affairs to oversee the response to the hack. The NRCC paid the two firms hundreds of thousands of dollars to help respond to the intrusion. The committee’s chief legal counsel, Chris Winkelman, devoted hours of his time to dealing with matter.

Party officials would not say when the hack began or who was behind it, saying privately they believe it was a foreign agent because of the nature of the attack. They emphasized donor information was not compromised.

"The NRCC can confirm that it was the victim of a cyber intrusion by an unknown entity. The cybersecurity of the Committee’s data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter," said Ian Prior, a vice president at Mercury.

Prior, who previously worked at the NRCC and Justice Department, is working with the NRCC to deal with the breach.

"To protect the integrity of that investigation, the NRCC will offer no further comment on the incident," Prior added.