The Republican National Committee (RNC) confirmed on July 6 that none of its data was accessed in the hacking of a third-party provider, a spokesperson said.
Danielle Alvarez, the RNC’s communications director, released a statement saying that the organization was informed by Microsoft that its systems might have been breached, but that “no RNC data was accessed.” The RNC “will continue to work with Microsoft, as well as federal law enforcement officials on this matter,” according to the statement.
Several news outlets, including Bloomberg News, reported that the RNC’s computer systems were hacked by Russian state hackers. Bloomberg, in a story published on July 6, cited “two people familiar with the matter” and provided no other details about the sources in its claim that Russian group Cozy Bear carried out a ransomware attack against the Republican party.
In a series of Twitter posts pushing back against Bloomberg reporter William Turton’s claim on July 6, Alvarez said the assertion that Russian-linked hackers breached their systems “is not true.”
Later, Turton wrote on Twitter that the RNC “continues to deny the story” and updated the article with a statement from the RNC. However, Alvarez said that he didn’t attempt to contact them for comment when the report was first published.
“Would be nice if you reached out for comment for this story in the first place or returned our calls since the story published,” she said.
Following the publication of the Bloomberg article, RNC Chief of Staff Richard Walters said the organization had learned that a third-party provider, Synnex Corp., was affected.
“Over the weekend, we were informed that Synnex, a third-party provider, had been breached. We immediately blocked all access from Synnex accounts to our cloud environment. Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials on this matter,” Walters said in a statement, according to an RNC spokesperson in an email to The Epoch Times.
Microsoft also issued a response to the alleged breach but declined to elaborate on any details or whether it even happened.
In a statement, Microsoft declined to provide additional details.
“We can’t talk about the specifics of any particular case without customer permission,” a company spokesperson told Bloomberg. “We continue to track malicious activity from nation-state threat actors—as we do routinely—and notify impacted customers.”
The flurry of statements came after U.S. and UK intelligence agencies said in a report published (pdf) last week that Russian military hackers have attempted to breach or access computer networks belonging to “hundreds of government and private sector targets worldwide” over the past three years.
“These efforts are almost certainly still ongoing,” the report stated.
“The actors have used identified account credentials in conjunction with exploiting publicly known vulnerabilities, such as exploiting Microsoft Exchange servers” through several means and then carry out “remote code execution and further access to target networks. After gaining remote access, many well-known tactics, techniques, and procedures.”
Representatives from Microsoft didn’t respond to a request for comment by press time.