14 DAY TRIAL // The National Republican Congressional Committee's (NRCC) computing systems got compromised with the hackers behind the attack exfiltrating thousands of emails during the midterm election cycle of April 2018.
"The cybersecurity of the committee's data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter," said NRCC spokesman Ian Prior.
Furthermore, according to Politico's report, emails of four anonymous NCRC senior aides were monitored for several months until the security breach was detected in April.
"We don't want to get into details about what was taken because it's an ongoing investigation. Let's say they had access to four active accounts. I think you can draw from that," told a senior GOP official to Politico.
Even though the cyber attack was discovered back in April and the investigation is still active, senior House Republicans were not notified, and they found out about the data breach when Politico got in touch asking about the incident.
Senior party officials were not informed to protect the ongoing investigation
Moreover, not even Rep. Steve Stivers which was the NRCC chairman during the last election cycle could not be reached for extra details regarding the hacking incident despite multiple requests for comment.
“To protect the integrity of that investigation, the NRCC will offer no further comment on the incident,” added Prior.
Although the hackers managed to get away with thousands of email containing sensitive information, party officials declared that none of the information stolen during the data breach surfaced since the attack was spotted.
Also, GOP officials contacted by Politico also stated that no donor information was compromised during the security breach.
"The hack was first detected by an MSSP, a managed security services provider that monitors the NRCC’s network," says Politico. "The MSSP informed NRCC officials and they, in turn, alerted Crowdstrike, a well-known cybersecurity firm that had already been retained by the NRCC."