The Republican National Committee (RNC) confirmed Tuesday that none of its data was accessed in a hack of a third-party provider, a spokesperson said.
Danielle Alvarez, the RNC’s communications director, released a statement saying it was informed by Microsoft that their systems might have been breached, but that “no RNC data was accessed.” The RNC, according to the statement, “will continue to work with Microsoft, as well as federal law enforcement officials on this matter.”
Several news outlets, including Bloomberg News, reported that the RNC’s computer systems were hacked by Russian state hackers. Bloomberg, in a story published Tuesday, cited “two people familiar with the matter” and provided no other details about the sources in its claim that Russian group Cozy Bear carried out a ransomware attack against the GOP.
In a series of tweets on Tuesday pushing back against Bloomberg reporter William Turton’s claim, Alvarez said the assertion that Russian-linked hackers breached their systems “is not true.”
Later, Turton tweeted that the RNC “continues to deny the story” and updated the article with a statement from the RNC. However, Alvarez said that he didn’t attempt to contact them for comment when the report was first published.
“Would be nice if you reached out for comment for this story in the first place or returned our calls since the story published,” she said.
Following the publication of the Bloomberg article, RNC Chief of Staff Richard Walters said his organization learned that a third-party provider, Synnex Corp., was affected.
“Over the weekend, we were informed that Synnex, a third-party provider, had been breached. We immediately blocked all access from Synnex accounts to our cloud environment. Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials on this matter,” Walters said in a statement, according to an RNC spokesperson in an email to The Epoch Times.
Microsoft also issued a response to the alleged breach but declined to elaborate on any details or whether it even happened.
In a statement, Microsoft declined to provide additional details. “We can’t talk about the specifics of any particular case without customer permission,” a company spokesperson told Bloomberg. “We continue to track malicious activity from nation-state threat actors—as we do routinely—and notify impacted customers.”
The flurry of statements came after U.S. and UK intelligence agencies said in a report published (pdf) last week that Russian military hackers have attempted to breach or access computer networks belonging to “hundreds of government and private sector targets worldwide” over the past three years. “These efforts are almost certainly still ongoing,” the report added.
“The actors have used identified account credentials in conjunction with exploiting publicly known vulnerabilities, such as exploiting Microsoft Exchange servers” through several means and then carry out “remote code execution and further access to target networks. After gaining remote access, many well-known tactics, techniques, and procedures,” the report noted.
The Epoch Times has contacted Microsoft for comment.
View original Post