Report: Clinton, Podesta Hack May Have Been Due to a 3-Letter Typo

December 13, 2016 Updated: December 14, 2016    

The alleged phishing attack that allowed intruders to break into former Hillary Clinton campaign manager John Podesta’s Gmail account may have been prompted by a typo sent from an aide.

The New York Times on Tuesday reported the details on how foreign hackers broke into Podesta’s account. It’s believed that the hack was the source of the Podesta emails that were published on WikiLeaks over the several weeks leading up to Election Day.

The Times reported that Podesta’s emails were allegedly taken by Russian state-sponsored hackers—just days after the Washington Post, citing unnamed sources, reported that CIA officials now claim Russian hackers may have swayed the election. This claim has since been disputed, notably by the top U.S. spy agency, the Office of the Director of National Intelligence, according to a Reuters report on Tuesday.

According to the Times, phishing emails were sent to Podesta and other American officials. A phishing attack refers to the activity of defrauding an online account holder of information, such as a password, credit card information, or bank account numbers, by posing as a legitimate company.

The newspaper reported:

Hundreds of similar phishing emails were being sent to American political targets, including an identical email sent on March 19 to Mr. Podesta, chairman of the Clinton campaign. Given how many emails Mr. Podesta received through this personal email account, several aides also had access to it, and one of them noticed the warning email, sending it to a computer technician to make sure it was legitimate before anyone clicked on the “change password” button.

That email was itself a fake warning from the hackers in an attempt to gain access to Podesta’s Gmail. They wanted Podesta to click on a link that said it could change his password, thereby gaining access.

But there was a typo in an aide’s message about the phishing attack.

The Times added:

“This is a legitimate email,” Charles Delavan, a Clinton campaign aide, replied to another of Mr. Podesta’s aides, who had noticed the alert. “John needs to change his password immediately.”

Develan apparently meant “this is an illegitimate email”—meaning that a mere three letters may have led Podesta to clicking on the phishing link.

The Times has more:

Mr. Delavan, in an interview, said that his bad advice was a result of a typo: He knew this was a phishing attack, as the campaign was getting dozens of them. He said he had meant to type that it was an “illegitimate” email, an error that he said has plagued him ever since.

It’s worth noting that in a leaked email from WikiLeaks sourced from Podesta’s account, titled “2 Things,” an associate, Eryn Sepp, emailed Podesta’s Gmail about another one of his accounts, suggesting he use the not-very-secure password, “p@ssw0rd”, for that account. It’s unclear what Sepp was referring to, or if it was for another Gmail account. 

The leaked email reads:

Though CAP is still having issues with my email and computer, yours is good to go.

jpodesta
p@ssw0rd

This week, Podesta issued a statement on the alleged Russian involvement.

“We now know that the CIA has determined Russia’s interference in our elections was for the purpose of electing Donald Trump,” the longtime Washington insider said in a statement to Politico. “This should distress every American.”

The Office of the Director of National Intelligence (ODNI), as reported in the aforementioned Reuters article, declined to comment on the matter, but a top U.S. intelligence official said that the ODNI hasn’t endorsed the CIA’s assessment due to a lack of conclusive evidence that Moscow tried to use hacking to boost Trump over Clinton.