The email accounts of four senior aides at the National Republican Congressional Committee were monitored by unknown hackers for months during the 2018 midterm election season, Politico reports.
So far, it’s unclear who’s behind the attack, though officials reportedly believe it’s a “foreign agent” based on the nature of the hack. Potentially thousands of email messages were obtained in the hack, which was first uncovered in April. The NRCC works to get Republicans elected to the House of Representatives. None of the stolen emails are believed to have been published, unlike emails stolen from Democratic officials in the 2016 election cycle.
The breach was discovered by a security service provider that monitors the NRCC’s networks. That company notified CrowdStrike, a security firm working for the NRCC that also worked with the Democratic National Committee to investigate the 2016 hacks, which are since linked to Russia. The NRCC reportedly also paid hundreds of thousands of dollars to law firm Covington and Burling and to Mercury Public Affairs for help in responding to the attack.
It’s not the only attempt to target politicians on the right side of the aisle: In August, Microsoft warned of phishing attack domains impersonating the websites of prominent conservative think tanks. Lindsey Graham, the Republican Senator from South Carolina, also saw his campaign email account breached around the 2016 election.
The Federal Bureau of Investigation is also investigating the NRCC hack.