John Podesta Reportedly Fell For Russian Phishing Attack Thanks To A Typo

December 13, 2016 4:23 p.m.

Hillary Clinton’s campaign chairman, John Podesta, reportedly clicked on a phishing email that led to the theft of tens of thousands of emails after an aide mistakenly wrote to him that it was a “legitimate”—rather than “illegitimate”—message.

That error has haunted Clinton campaign aide Charles Delavan ever since, the New York Times reported Tuesday in a lengthy look at the Russian-directed hacks of Democratic organizations and operatives.

In recent days, unnamed intelligence officials have told several media outlets that the thefts of emails from the Democratic National Committee, Podesta and others were directed by the Russian government with the express goal of aiding Donald Trump’s candidacy (the FBI reportedly disagrees and believes the Russian government merely sought to sow doubt about the legitimacy of the electoral process).

The Times’ investigation found the attacks were exacerbated by costly mistakes on the part of the Clinton campaign, DNC and FBI.

For example, the report states a tech support contractor at the DNC, Yared Tamene, performed only cursory searches for signs of a hack after being initially contacted by FBI special agent Adrian Hawkins in Sept. 2015 with a warning that the DNC’s servers had been compromised. Despite several more calls in the following weeks, Tamene didn’t intensify his efforts.

“I had no way of differentiating the call I just received from a prank call,” Tamene wrote in an internal memo obtained by the Times, referring to Hawkins. “I did not return his calls, as I had nothing to report.”

Hawkins never emailed Tamene out of fear the hackers would know they were being tracked, according to the report. Both Tamene and the FBI declined to comment to the Times for its story.

Tamene’s memo reveals he installed a “robust set of monitoring tools” in April, months after being initially notified of the hacking threat. Then on the eve of the White House Correspondents’ Dinner, Amy Dacey, then chief executive of the DNC, was finally alerted to an unauthorized person with administrator-level clearance in the DNC’s system.

The DNC then hired CrowdStrike to quietly rebuild its system from scratch and search for foreign intruders. Within a day, the firm had identified the breach as originating in Russia. It further attributed the hack to two groups, “Cozy Bear,” or “the Dukes,” a group which Hawkins had asked Tamene to monitor in his original September phone call, and “Fancy Bear,” which first infiltrated Democratic Congressional Campaign Committee computers in March and then moved on to the DNC.

By then, it was too late.

This post has been updated.
