Russia suspected of hacking computer service used by Clinton campaign
Published 30/07/2016 | 01:56
A computer service used by Hillary Clinton's campaign has been hacked in a broader breach of the Democratic National Committee, with the Russian government the prime suspect.
The breach affected a DNC data analytics programme used by the campaign and a number of other organisations, according to the campaign.
It said outside security experts reviewing the campaign's computer system found "no evidence that our internal systems have been compromised".
The brief statement did not specify what types of data the service was analysing, but partnerships with modern e-commerce companies can allow sophisticated tracking, categorisation and identification of website visitors. This can help organisations tailor their online content, advertising and solicitations to be more effective.
The announcement comes as the FBI investigates a hack at the DNC that resulted in the posting last week of embarrassing internal communications on WikiLeaks, and a similar intrusion of the House of Representatives Democratic Campaign Committee.
President Barack Obama has said Russia was almost certainly responsible for the DNC hack, an assertion with which cybersecurity experts have agreed.
The FBI said on Friday it was aware of "media reporting on cyber intrusions involving multiple political entities, and is working to determine the accuracy, nature and scope of these matters".
The intrusions have added another layer of mystery to the hacking of Democratic Party information that has been revealed in the heat of this year's presidential and congressional elections.
The DNC breach led to the release by WikiLeaks on July 22, days before the Democratic national convention began, of 19,000 emails showing that supposedly neutral party officials were favouring Mrs Clinton over Vermont senator Bernie Sanders during their primary contest for the presidential nomination.
As a result of that disclosure, party chairwoman Debbie Wasserman Schultz announced her resignation.
On Friday, the Democratic Congressional Campaign Committee, which raises money and provides other assistance for House of Representatives candidates, acknowledged a digital break-in of its computers that it said resembled the DNC hack.
Spokeswoman Meredith Kelly said the committee was "the target of a cybersecurity incident" and was informed by investigators "that this is similar to other recent incidents, including the DNC breach".
She said the congressional campaign committee was using CrowdStrike, a computer security firm based in Irvine, California, and "co-operating with the federal law enforcement with respect to their ongoing investigation".
She said her organisation was "continuing to take steps to enhance the security of our network in the face of these recent events".
CrowdStrike issued a statement confirming its work for the congressional campaign committee but provided no additional details.
The Clinton campaign took pains on Friday to assert that its own internal systems were not compromised by the hack of the DNC analytics service. But such third-party, connected systems represent appealing options for hackers searching for less-protected routes to attack an organisation.
Computer hacking, emails and indications of Russian involvement have evolved into a political issue in the presidential campaign between Mrs Clinton and Republican candidate Donald Trump.
This week Mr Trump encouraged Russia to seek and release more than 30,000 other missing emails deleted by Mrs Clinton, the former US secretary of state. Democrats accused him of trying to get a foreign adversary to conduct espionage that could affect this November's elections, but Mr Trump later said he was merely being sarcastic.
Mrs Clinton deleted the emails from her private server, saying they were private, before handing other messages over to the State Department. The Justice Department declined to prosecute her over her email practices, though FBI director James Comey called her "extremely careless" in handling classified information.
CrowdStrike and another security firm, ThreatConnect, of Arlington, Virginia, said they found evidence pointing to Russian government involvement in the DNC hack when they analysed the hackers' methods and efforts to distribute the stolen emails and other files.
The hacker groups, identified by CrowdStrike as Cozy Bear and Fancy Bear, used different but sophisticated techniques to break into the DNC and try to avoid detection. Most of the DNC emails appeared to have been stolen on May 25.