Enlarge / Reduce, reuse, recycle those hacks.Ildar Sagdejev
reader comments 16
Share this story
WikiLeaks celebrated its tenth anniversary today by teasing a release of documents that would damage presidential candidate Hillary Clinton.
But when Julian Assange failed to release anything new, the individual who refers to himself as Guccifer 2.0 posted what he claimed were files from the Clinton Foundation’s servers.
“Many of you have been waiting for this, some even asked me to do it,” Guccifer 2.0, or whoever is posting under that name, wrote in a blog post. “So, this is the moment.
I hacked the Clinton Foundation server and downloaded hundreds of thousands of docs and donors’ databases. Hillary Clinton and her staff don’t even bother about the information security.
It was just a matter of time to gain access to the Clinton Foundation server.” Ars contacted Guccifer 2.0, or whomever runs his Twitter account. He claimed the files came directly from the Clinton Foundation server—but declined to say how he got access to them (“I prefer to keep it to me yet”).
However, a review by Ars found that the files are clearly not from the Clinton Foundation. While some of the individual files contain real data, much of it came from other breaches Guccifer 2.0 has claimed credit for at the Democratic National Committee and the Democratic Congressional Campaign Committee—hacks that researchers and officials have tied to “threat groups” connected to the Russian Government. Other data could have been aggregated from public information, while some appears to be fabricated as propaganda.
The Clinton Foundation’s president, former Health and Human Services Secretary Donna Shalala, denied that the foundation had been hacked in a Twitter post:
No evidence of a #Guccifer hack at @ClintonFdn, no notification by law enforcement, and none of the files or folders shown are ours.
— Donna E.
Shalala (@DonnaShalala) October 4, 2016
Guccifer’s post includes a screen grab of what appears to directory folders, including one labeled “Pay to Play,” that appears to be fabricated from DCCC and DNC files and other material of questionable provenance.
But some of the material appears to be actual data from the DCCC.
One spreadsheet, called “master-spreadsheet-pac-contributions,” lists what appear to be congressional campaign donations to individual representatives and the Democratic Congressional Campaign Committee alongside bank names and a column labeled “Tarp funds”—an apparent reference to the Troubled Asset Relief Program.
The spreadsheet’s metadata says that it was created in 2009 by “Kevin McKeon”—a Kevin McKeon served as the DCCC’s deputy research director at that time.
Another spreadsheet purportedly from 2010, entitled “hfscmemberdonationsbyparty6101,” lists members of the House Financial Services Committee from both parties and shows a list of what are suggested to be campaign contributions by major banks and financial institutions.
That spreadsheet—which was apparently created by a Linda K.
Strohl and then saved by a Ned Brown a day later on June 10, 2010—was created on a copy of Microsoft Excel licensed to “Home.” It may have been prepared as competitive research for the 2010 mid-term congressional races.
A third, later file, appears to be a donor “tracker” spreadsheet.
It is most certainly from the DCCC.
Created by Andrew Bower—another DCCC employee—in 2015, the spreadsheet contains names and e-mail addresses from the Western US.
Ars directly contacted several of the people listed in the document and confirmed that the individuals on the list were donors. While they weren’t certain the amounts associated with them were correct, they confirmed other details were accurate.