White House hopefuls in Democrat data breach 'theft' row
Published 19/12/2015 | 02:01
The Democratic Party race for the US presidency has exploded in rancour as Hillary Clinton's campaign accused rival Bernie Sanders of stealing information worth millions of dollars about potential voters.
Mr Sanders' team, meanwhile, accused the party of holding his White House bid hostage by temporarily barring it from accessing its own voter data.
His campaign filed a lawsuit to get it back and aggressively tried to turn the allegations into a political advantage.
"This information is really key to our campaign and our strategy," said Clinton campaign manager Robby Mook. "We are particularly disturbed right now that they are using the fact that they stole data as a reason to raise money for their campaign."
The reaction to the data breach, the depth of which was debated by all involved, tore open an ugly fault line between two camps that had so far engaged in a relatively civil White House campaign.
On the eve of the party's next presidential debate, it also thrust into the open long-standing suspicions among Mr Sanders and his supporters that the national party is unfairly working to support Mrs Clinton's candidacy.
"Clearly, in this case, they are trying to help the Clinton campaign," Sanders campaign manager Jeff Weaver said of the Democratic National Committee.
At issue is an extensive trove of voter information maintained by the DNC. The campaigns are able to add their own information to the database, information which they use to target voters and anticipate what issues might motivate them to cast ballots.
In Mrs Clinton's case, Mr Mook said, the information stored in the database included "fundamental parts of our strategy".
DNC chairwoman Debbie Wasserman Schultz said that on Wednesday the Sanders campaign "inappropriately and systematically" accessed Mrs Clinton's data. She rejected Mr Weaver's effort to blame the breach on a software glitch and the actions of a small group of rogue staffers, one of whom was sacked.
In response, the DNC temporarily turned off Mr Sanders' access to the database and asked for an accounting of how the information was used and disposed of. Only then would the party make a decision on restoring his access, she said.
That decision infuriated Mr Weaver, who said the party had cut off Mr Sanders' team from the "lifeblood of any campaign".
"It is our information, not the DNC's," he said.
Hours later, the Sanders camp filed a lawsuit in US District Court in Washington seeking an immediate restoration of access to the database. Without it, the lawsuit said, the campaign would lose about 600,000 dollars (£402,000) a day in donations.
"It's outrageous to suggest that our campaign 'stole' any data," said Sanders spokesman Michael Briggs. "What is true is the data we collected and need to run a winning campaign is now being stolen from us by a DNC dominated by Clinton people."
The back-and-forth underscored Mr Sanders' attempt to cast himself as an anti-establishment upstart willing to take on Mrs Clinton, the unquestioned front-runner for her party's nomination.
Even before the lawsuit was filed, Mr Sanders' campaign sent a fund-raising email to supporters that said his "quick rise in the national polls (has) caused the Democratic National Committee to place its thumb on the scales in support of Hillary Clinton's campaign".
Notably, the email made no mention of the campaign's decision to sack an employee involved in the breach and Mr Weaver's admission that the staffer's actions were "unacceptable".
Mr Mook responded, "It's not something to be fund raising off of."
Firewalls are put in place to prevent campaigns from looking at data maintained by their rivals. But the vendor that runs the system, NGP VAN, said it ran a software patch on Wednesday that allowed all users to access data belonging to other campaigns.
Clinton campaign spokesman Brian Fallon said the Sanders campaign staff conducted 25 searches from four different accounts, saving the data into the Sanders campaign account.
NGP VAN said the Sanders staff involved were able to "search by and view (but not export or save or act on) some attributes that came from another campaign". The company said the Sanders campaign saved a "one page-style report containing summary data".
Mr Weaver argued the firewall used by the vendor had previously failed and he railed against the party for not taking the steps required to keep the information secure. He told CNN that "we don't have any Clinton data".
Josh Uretsky, the data director sacked by Sanders' campaign, said his team was merely investigating the security problem and trying to work out how exposed the software patch left its own data.
"I believe that I took appropriate steps to audit and assess the security breach and that nothing I did was done in a way that it would give the Sanders campaign a competitive advantage," he said.
Summaries of data logs provided to the Associated Press show the Sanders team spent nearly an hour in the database reviewing information on Mrs Clinton's high-priority voters and other data from nearly a dozen states, including first-to-vote Iowa, New Hampshire and South Carolina.
Some of these voter lists were saved into a folder named Targets, according to the logs. Mr Uretsky's deputy appeared to focus on pulling data on South Carolina and Iowa voters based on turnout and support, or lack of support, for Mrs Clinton.
The Sanders campaign employees who accessed the Clinton voter information without authorisation appear to have run afoul of the federal Computer Fraud and Abuse Act, said Jason Weinstein, a former supervisor of the Justice Department's computer crimes section.
Those employees "have reason to be concerned about legal exposure", he said, for what appears to fit the definition of illegal hacking.