Updated at 2:46 p.m. ET
House Republicans’ campaign operation suffered a cyberattack during the 2018 midterm election cycle, it said Tuesday.
A spokesman working on behalf of the National Republican Congressional Committee acknowledged the compromise and said it was reported to authorities.
“The cybersecurity of the committee’s data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter,” said Ian Prior, a vice president of Mercury Public Affairs, which has been retained by the NRCC on the matter.
Prior wouldn’t say anything more in order to protect the ongoing investigation.
The FBI told NPR on Tuesday that it generally does not confirm or deny the existence of investigations.
Detected earlier this year
The news of the major intrusion was first reported by Politico, which said that the email accounts of four senior NRCC aides were “surveilled for several months” and exposed “thousands of sensitive emails to an outside intruder.”
“Party officials would not say when the hack began or who was behind it, although they privately believe it was a foreign agent due to the nature of the attack,” the Politico report said.
The breach was detected in April, but the hackers penetrated the system a few months before that, a person familiar with the investigation told NPR. Those behind the hack are very sophisticated based on the tactics and methods they used, the person said.
Top GOP officials, including House Speaker Paul Ryan, R-Wis., and House Majority Leader Kevin McCarthy, R-Calif., weren’t notified about the attack until Monday, when Politico reporters began asking questions about the compromise.
So far no attribution
It wasn’t immediately clear who might be responsible for the cyberattack, but the news followed months of increased preparations by the government to defend against foreign influence in America’s democracy.
The House Democrats’ campaign arm, the Democratic Congressional Campaign Committee, along with the Democratic National Committee and Hillary Clinton’s presidential campaign, also were hacked during the 2016 cycle.
Prosecutors say Russian military intelligence officers pilfered sensitive material with the aim of releasing it to embarrass Democrats. So far, there doesn’t appear to have been any release of data taken in this year’s intrusion of Republicans’ campaign operation.
President Trump taunted Democrats for the 2016 cyberattacks, arguing that Republicans had stronger security measures in place.
Democrats regained control of the House in last month’s elections.
Earlier this year, the DCCC and the NRCC tried to negotiate a truce in which neither side would use any hacked material in attack ads and other strategic decisions, but those talks eventually broke down.
Defense, law enforcement and intelligence officials, however, say they’ve stepped up their efforts since Russia attacked the 2016 presidential election. The threat from Russian and other foreign interference continued, officials say, including through the midterms.
Defense Secretary Jim Mattis said Saturday at a defense forum in California that election interference has further soured a poor situation between Washington and Russian President Vladimir Putin.
“There’s no doubt the relationship has worsened,” Mattis said. “He tried again to muck around in our elections just last month, and we are seeing a continued effort along those lines.”