Republican campaign committee hit by 'cyber intrusion' during midterms

The U.S. Republican Party's congressional election committee said Tuesday that it was hit with a "cyber intrusion" during the 2018 midterm campaigns and has reported the breach to the FBI.

Breach reported to FBI

The severity and circumstances of the hacking into the National Republican Congressional Committee weren't made clear. (Robyn Beck/AFP/Getty Images)

The U.S. Republican Party's congressional election committee said Tuesday that it was hit with a "cyber intrusion" during the 2018 midterm campaigns and has reported the breach to the FBI.

The National Republican Congressional Committee provided few details about the incident, but said the intrusion was conducted by an "unknown entity."

"The cyber-security of the committee's data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter," spokesperson Ian Prior said in a statement. "To protect the integrity of that investigation, the NRCC will offer no further comment on the incident."

The FBI did not immediately respond to a request for comment. Politico first reported the cyber-breach.

The severity and circumstances of the hacking weren't made clear. Politically motivated cyber-espionage is commonplace across the world, but Americans have become particularly alert to the possibility of digital interference following the 2016 election. That hack is still fresh in the minds of many political operatives.

In March 2018, NRCC chairman Steve Stivers said the committee hired multiple cyber-security staffers to work with its candidates and promised to do more.

"We're starting to advise campaigns, but we're not ready to roll the whole thing out. We're working on it," Stivers said at the time. "We're working on the technology-based stuff to try and make sure that we know what's out there — which is hard, too — and then we try to defend against it the best we can."

Previous hacking attempts

In August, Microsoft alerted the public to attempts by government-backed Russian hackers to target U.S. conservatives' email by creating fake websites that appeared to belong a pair of think tanks, the Hudson Institute and International Republican Institute. It also confirmed an attempt similarly attributed to Russian hackers to infiltrate the Senate computer network of Sen. Claire McCaskill, the Missouri Democrat who lost a re-election bid in November.

Google later confirmed in September that the personal Gmail accounts of multiple senators and staffers had recently been targeted by foreign hackers, though it did not specify the cyberspies' nationality nor the party affiliations of the targets.

During the 2016 presidential campaign, Russian state-aligned hackers organized the leak of more than 150,000 emails stolen from more than a dozen Democrats. The FBI later said that the Russians had targeted more than 300 people affiliated with the Hillary Clinton campaign and other Democratic institutions over the course of the presidential contest.

During the 2016 presidential election, WikiLeaks' released hacked material damaging to Hillary Clinton's presidential effort, and U.S. intelligence agencies have said Russia was the source of that hacked material. Special counsel Robert Mueller is now investigating Russian interference in the 2016 presidential election, possible Russian ties to Donald Trump's presidential campaign and whether anyone had had advance knowledge of WikiLeaks' plans.

Democratic lawmakers saw their cellphone numbers splashed online and voting databases for all 50 states had some type of intrusion attempt, although only a few were compromised. That included Illinois, where records on 90,000 voters had been downloaded. There was no evidence any votes were altered.

Election systems are constantly under fire from efforts to steal sensitive data, disrupt services and undermine voter confidence.

Federal officials said after the midterms this year there had been no obvious voting system compromises — which appeared to remain the case, despite the hacking effort. There had been a major push since the midterms to shore up defences against potential cyber intrusions, but most states remained highly vulnerable.


To encourage thoughtful and respectful conversations, first and last names will appear with each submission to CBC/Radio-Canada's online communities (except in children and youth-oriented communities). Pseudonyms will no longer be permitted.

By submitting a comment, you accept that CBC has the right to reproduce and publish that comment in whole or in part, in any manner CBC chooses. Please note that CBC does not endorse the opinions expressed in comments. Comments on this story are moderated according to our Submission Guidelines. Comments are welcome while open. We reserve the right to close comments at any time.

Become a CBC Member

Join the conversation  Create account

Already have an account?