Donald Trump campaign hack: What we know (2024)

Former President Donald Trump's campaign has reported a breach of its internal communications on Saturday, according to a report from Politico.

The incident has raised alarms about potential foreign interference in the 2024 presidential race and the vulnerability of campaign infrastructure to cyber-attacks.

The Trump campaign's acknowledgment of the hack followed inquiries by Politico, which had begun receiving emails from an anonymous source containing what appeared to be authentic internal campaign documents.

Newsweek has contacted Trump's campaign via email on Saturday for comment.

The Hack: What We Know

According to the Trump campaign, the breach reportedly involved the theft of internal communications and documents. The campaign has pointed fingers at "foreign sources hostile to the United States," suggesting a state-sponsored attack. However, the exact nature and extent of the compromised information remain unclear.

Steven Cheung, a spokesperson for the Trump campaign, told Politico, "These documents were obtained illegally from foreign sources hostile to the United States, intended to interfere with the 2024 election and sow chaos throughout our Democratic process." Cheung referenced a recent Microsoft report that identified Iranian hackers as having targeted a "high-ranking official" on a U.S. presidential campaign in June 2024.

Microsoft, however, did not identify which campaign was targeted in its report and has declined to comment further on the matter. Additionally, Politico has not independently verified the identity of the hackers or their motivation.

Microsoft Report: Broader Implications

According to the Microsoft report released on Thursday, Iran-backed hackers targeted a high-ranking official at an unidentified U.S. presidential campaign in a June spear-phishing attack. The report also highlights that several Iranian groups have launched aggressive disinformation and hacking campaigns to influence the outcome of the 2024 U.S. presidential elections.

A group known as Mint Sandstorm, run by the Islamic Revolutionary Guard Corps' (IRGC) intelligence unit, was identified as the perpetrator of the June attack. The hackers used a compromised email account belonging to a former senior campaign adviser, sending an email with a link that would redirect to an "actor-controlled domain."

Interestingly, the same group attempted to log into an account belonging to a former presidential candidate just days before the phishing attack against an active presidential campaign. However, Microsoft noted that it does not yet have enough evidence to fully determine if the activity is specifically motivated by the 2024 election, as this group routinely targets senior political officials.

The Iranian Connection?

The Trump campaign has suggested that Iran may be behind the attack, citing the Microsoft report and recent intelligence about potential Iranian plots against the former president. Cheung told Politico, "The Iranians know that President Trump will stop their reign of terror just like he did in his first four years in the White House."

Additionally, Iran has not been verified as the source of the attack by any independent sources. Neither Microsoft, Politico, nor any U.S. intelligence agencies have confirmed Iran's involvement in this specific incident. The Trump campaign also has not provided additional evidence to substantiate their claim of Iranian involvement.

The U.S. intelligence community recently assessed that Iran was using covert influence to undermine the Trump campaign. This aligns with the broader picture painted by the Microsoft report, which indicates that Iran is becoming more aggressive in its targeting of U.S. elections, alongside Russia and China.

Cybersecurity Landscape

The Microsoft report reveals that Iran's cyber activities extend beyond federal government offices and political campaigns. In May, another Iranian group, known as Peach Sandstorm or APT33, successfully compromised an account belonging to someone who works for a county government in a swing state using a simple password spraying attack.

Several Iranian groups have started circulating fake news stories targeting U.S. voters on both sides of the political spectrum. Some of these stories appear to be using AI-enabled services to plagiarize from U.S. publications, making them more believable.

The FBI told Newsweek it was aware of the reporting but had no further comment.

Christopher Krebs, the nation's former top election security official who was fired by Trump in 2020 for refuting unsubstantiated claims of electoral fraud during the 2020 election, weighed in on the matter.

In a statement on X, formerly Twitter, Krebs wrote: "Buckle up. Confirmed hack & leak of Trump Campaign sensitive documents. Initial response by Campaign suggests foreign sources, coinciding with Microsoft's alert from this past week and the @ODNIgov alert of the week before. Someone is running the 2016 playbook, expect continued efforts to stoke fires in society and go after election systems - 95% votes on paper ballots is a strong resilience measure, combined with audits. But the chaos is the point…."

The "2016 playbook" alludes to memories of the 2016 Democratic National Committee (DNC) hack that significantly impacted that year's presidential election.

Looking Ahead

The reported hack of the Trump campaign highlights the ongoing vulnerability of political campaigns to cyber-attacks and raises questions about the preparedness of campaigns to defend against such threats.

Political campaigns and voters alike are urged to remain cautious and practice diligent cybersecurity while online.