None of the information that was hacked during the campaign has appeared publically and no donor information was compromised. It still remains unclear who was behind the attack.
The email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months, the party officials said. The intrusion was detected in April by an NRCC vendor, who alerted the committee and its cybersecurity contractor. An internal investigation was initiated and the FBI was alerted to the attack, said the officials, who requested anonymity to discuss the incident.
However, senior House Republicans — including Speaker Paul Ryan (R-Wis.), House Majority Leader Kevin McCarthy (R-Calif.) and Majority Whip Steve Scalise (R-La.) — were not informed of the hack until POLITICO contacted the NRCC on Monday with questions about the episode. Rank-and-file House Republicans were not told, either.
The hack became a major source of consternation within the committee as the midterm election unfolded. The NRCC brought on the prominent Washington law firm Covington and Burling as well as Mercury Public Affairs to oversee the response to the hack. The NRCC paid the two firms hundreds of thousands of dollars to help respond to the intrusion. The committee’s chief legal counsel, Chris Winkelman, devoted hours of his time to dealing with matter.
“The NRCC can confirm that it was the victim of a cyber intrusion by an unknown entity. The cybersecurity of the Committee’s data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter,” said Ian Prior, a vice president at Mercury.