The Democratic National Committee said late Wednesday night that what it had earlier feared was the beginning of a sophisticated attempt to hack into its voter database, was, in fact, an unauthorized “simulated phishing test” and not an actual attempt to hack into its systems by an adversary.
The DNC did not say what entity commissioned or built the test and it’s not clear how they determined the hack was actually a phishing test.
Earlier on Wednesday, Bob Lord, the committee’s chief security officer, briefed Democratic officials after detecting a fake login page that was designed to look like the access page Democratic Party officials and campaigns across the country use to log into a service called Votebuilder, which hosts the party’s voter database, a Democratic source familiar with the briefing told CNN.
The initial detection of the apparent hacking attempt by a cybersecurity firm on Monday prompted the DNC to call the FBI, the source said.
“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks,” Lord said in a statement released shortly after.
However, as the committee continued its investigation on Wednesday, it became apparent that the apparent hack was not what it seemed.
In a statement, Lord said, “We have continued to investigate the phishing site reported to the DNC yesterday. We, along with the partners who reported the site, now believe it was built by a third party as part of a simulated phishing test on VoteBuilder. The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors.”
It is not uncommon for organizations to hire “red teams” to identify gaps in that organization’s cybersecurity practices. However, in this case, it appears that the team that ran the test did so without the knowledge of the DNC.
Lord said the DNC had taken the “necessary precautions to ensure that sensitive data critical to candidates and state parties across the country was not compromised.”
“There are constant attempts to hack the DNC and our Democratic infrastructure, and while we are extremely relieved that this wasn’t an attempted intrusion by a foreign adversary, this incident is further proof that we need to continue to be vigilant in light of potential attacks,” he added.
The DNC’s snafu comes amid reporting of other attempted hacks on Democratic campaigns. Last week, it emerged two Democratic primary campaigns in California had been breached earlier this year.
On Tuesday, Microsoft said it had thwarted part of a Russian military intelligence operation targeting the US Senate and conservative think tanks that advocated for tougher policies against Russia.