By Joseph Menn, Dustin Volz and Mark Hosenball
SAN FRANCISCO/WASHINGTON (Reuters) – The FBI is investigating a cyber intrusion against a major Democratic Party congressional fundraising group, an attack that may be related to an earlier hack against the party apparatus, four people familiar with the matter told Reuters.
The previously unreported incident at the Democratic Congressional Campaign Committee, or DCCC, and its potential ties to Russian hackers are likely to sharpen concern, so far unproven, that Moscow is attempting to meddle in U.S. elections.
Hacking of the party’s emails has clouded this week’s Democratic convention in Philadelphia, where Hillary Clinton was scheduled to accept the party’s presidential nomination on Thursday evening.
The breach at the DCCC may have been intended to gather information about donors, rather than to steal money, the sources said on Thursday.
The DCCC raises money for Democrats running for seats in the U.S. House of Representatives. The intrusion at the group could have begun as recently as June, two of the sources told Reuters.
That was when a bogus website was registered with a name closely resembling that of a main donation site connected to the DCCC. For some time, internet traffic associated with donations that was supposed to go to a company that processes campaign donations instead went to the bogus site, two sources said.
The sources said the Internet Protocol address of the spurious site resembled one used by a Russian government-linked hacking group, one of two such groups suspected in a recently revealed breach of the Democratic National Committee, or DNC, the nationwide strategy-setting and money-raising body for the Democratic Party.
Cyber security experts and U.S. officials said on Monday there was evidence that Russia engineered the DNC hack to release sensitive party emails in order to influence the U.S. presidential election.
The release of the emails by activist group WikiLeaks on the weekend caused discord in the party because they appeared to show favouritism within the DNC for Clinton over U.S. Senator Bernie Sanders of Vermont, who ran a close race for the nomination for the Nov. 8 election.
The DNC, targeted by hackers earlier this year, and the DCCC share the same office space on South Capitol Street in Washington.
The DCCC had no immediate comment on Thursday. Donation processing company ActBlue also had no immediate comment. CrowdStrike, the California-based cyber security firm that investigated the DNC breach, declined to comment.
Jim Manley, a Democratic strategist who once worked for Senate Minority Leader Harry Reid, said the possibility of the DCCC being hacked was cause for great concern.
“Until proven otherwise, I would suggest that everyone involved with the campaign committee operate under the assumption Russians have access to everything in their computer systems,” Manley said.
The FBI referred questions to a statement it made on Monday on the DNC hack:
“The FBI is investigating a cyber intrusion involving the DNC and are working to determine the nature and scope of the matter. A compromise of this nature is something we take very seriously, and the FBI will continue to investigate and hold accountable those who pose a threat in cyberspace.”
The disclosure of the DCCC breach is likely to further stoke concerns among Democratic Party operatives, many of whom have acknowledged they fear further dumps of hacked files that could harm their candidates. WikiLeaks has said it has more material related to the U.S. election that it intends to release.
DNC Chairwoman Debbie Wasserman Schultz resigned after the leaked emails last weekend showed party leaders favouring Clinton over Sanders. The committee is supposed to be neutral.
Director of National Intelligence James Clapper said on Thursday the U.S. intelligence community was not ready to “make the call on attribution” as to who was responsible for the DNC hack. The White House said earlier the FBI had not disclosed any information about who was behind the hack.
Clapper, speaking at the Aspen Security Forum, acknowledged that “there’s just a few usual suspects out there” who might be responsible for the cyber intrusion, suggesting it was the work of a state actor rather than an independent hacking group.
Clapper said in May he was aware of attempted hacks on campaigns and related groups and he expected to see more as the November election neared. The last two U.S. presidential cycles in 2008 and 2012 witnessed a barrage of cyber attacks from a range of adversaries targeting President Barack Obama’s campaign and the campaigns of his Republican foes, officials have said.
Russian officials have dismissed the allegations of Moscow’s involvement in such hacks. “It is so absurd it borders on total stupidity,” said Kremlin spokesman Dmitry Peskov.
Donald Trump, the Republican Party’s presidential nominee, angered Democrats this week by inviting Russia to unearth tens of thousands of emails from rival Clinton’s tenure as U.S. secretary of state. Trump said on Thursday he was being sarcastic in his remarks.
(Additional reporting by Warren Strobel in Aspen, Colo. and; Yara Bayoumy and Ginger Gibson in Washington; Editing by Kevin Drawbaugh and Alistair Bell)