How Podesta got hacked: ‘Password’ email revealed in WikiLeaks dump

WikiLeaks has released what may be the key email that led to one of the biggest cybersecurity breaches in presidential campaign history — allowing hackers to gain access to Clinton Campaign Chairman John Podesta’s Gmail account.

A new email thread released Friday shows Podesta got a March 19 email from “Google” notifying him someone had his “password” and tried to sign in from Ukraine.

The IT team told Podesta the message was legit and he should change his password. But it appears the email actually was a phishing ploy – and likely gave the world access to the contents of his account.

In the new batch of emails leaked Friday, Podesta’s assistant Sara Latham forwarded the “Google” email to Charles Delavan, a Clinton campaign IT official, to see if it was real.

Delavan told her that it was a “legitimate email.”

“John needs to change his password immediately, and ensure that two-factor authentication is turned on his account … It is absolutely imperative that this is done ASAP,” he wrote, sharing a Google link where he could change his password.

Latham then sent Podesta and another campaign official an email saying the message was “REAL.”

The email chain does not detail what happened next. But a previous report from Motherboard said on that same day, Podesta opened a link that gave hackers access to his email. The hackers reportedly used a URL shortened using the Bitly service, which reportedly contained Podesta’s encoded Gmail address and gave the hackers access.

The March 19 email published by WikiLeaks indeed includes a shortened Bitly link at the bottom where Podesta was directed to change his password.

Cybersecurity firm SecureWorks said the alleged hacking method is the same one used by Fancy Bear, a Russian hacker group, and that the link was created specifically to target Podesta’s account.

“We can confirm that in the leaked email, the Bitly link listed is one of the links we saw created by the Fancy Bear group to target Podesta,” a spokeswoman for the group said. “It was one of four links created to target Mr. Podesta’s Gmail account.”

The Obama administration recently blamed senior Russian officials for orchestrating a string of hackings at the Democratic National Committee and the Democratic Congressional Campaign Committee. The Obama administration, however, has not publicly accused Russia of the Podesta hack.

Motherboard wrote: “None of this new data constitutes a smoking gun that can clearly frame Russia as the culprit behind the almost unprecedented hacking campaign that has hit the DNC and several other targets somewhat connected to the U.S. presidential campaign.”

Friday’s WikiLeaks email release – part 21 of its Podesta series – brings the total emails released so far to 35,594.
