NRCC

The National Republican Congressional Committee (NRCC) discovered this April 2018 that they were hacked and an unauthorized third-party had access to the email accounts of four senior aides.

This past April, the NRCC's managed security service provider (MSSP) detected that an unauthorized third-party had access to an NRCC system. They then contacted the FBI and their security consulting firm CrowdStrike, who was already retained by the NRCC, to begin an internal investigation.

"The email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months, the party officials said," reported Politico.. "The intrusion was detected in April by an NRCC vendor, who alerted the committee and its cybersecurity contractor. An internal investigation was initiated and the FBI was alerted to the attack, said the officials, who requested anonymity to discuss the incident."

It is not known how the NRCC was hacked, but according to anonymous senior party officials, email accounts for four senior aides had been monitored and thousands of emails were exposed to the intruder. Who these senior aides are has not yet been disclosed.

During this investigation, senior House Republican party members, including Paul Ryan,  Kevin McCarthy,  and Steve Scalise, were not advised of this investigation until Politico contacted the NRCC. According to Politico, the NRCC withheld this information as they did not want to compromise their investigation into who committed the hack.

To handle the PR aspects of this breach, the NRCC employed Mercury Public Affairs who issued the following statement to Politico.

“The NRCC can confirm that it was the victim of a cyber intrusion by an unknown entity. The cybersecurity of the Committee’s data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter.” 

Related Articles:

US offers up to $15 million for tips on ALPHV ransomware gang

US sanctions crypto exchanges used by Russian darknet market, banks

US sanctions APT31 hackers behind critical infrastructure attacks

Over 100 US and EU orgs targeted in StrelaStealer malware attacks

Apex Legends players worried about RCE flaw after ALGS hacks