Russian hackers stole thousands of State Department emails, reports claim

Sign up for the daily Inside Washington email for exclusive US coverage and analysis sent to your inbox

Get our free Inside Washington email

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

Thousands of diplomatic emails were reportedly stolen from the State Department in the latest breach of US government servers linked to Russian-backed hackers.

Citing two Congressional sources, Politico reported that the cyberattack targeted the department’s Bureau of European and Eurasian Affairs and Bureau of East Asian and Pacific Affairs last year.

It was unclear if the theft was connected to the SolarWinds hack that breached at least nine federal agencies, including the Pentagon, the Department of Energy’s National Nuclear Security Administration, and the Departments of Commerce, Treasury, and Homeland Security.

While the hackers accessed emails from the State Department, they did not appear to have breached the classified network, according to a third source quoted by the outlet.

The targeted bureaus in Europe and the Asia Pacific would be involved in work connected to US allies and partners in those regions, including the North Atlantic Treaty Organization (Nato).

Read more:

Deputy National Security Advisor for cyber and emerging technology Anne Neuberger, said in a statement to Politico they would not comment on specific agencies.

“Several federal agencies have been hacked in the last year,” Ms Neuberger said in the statement.

“As part of the Administration’s SolarWinds review, we discovered broad gaps in cybersecurity defences across federal agencies."

She said the review identified five specific cybersecurity areas with immediate vulnerabilities but didn't comment on whether the State Department or this latest hack was among those.

This first report of this specific incident from 2020, under the Trump administration, is the second publicly known breach of the department's email servers in under a decade following a 2015 intrusion, under the Obama administration.

That hack was considered the "worst ever" cyber intrusion against a federal agency until the SolarWinds campaign was discovered, with former Department of Homeland Security secretary Chad Wolf revealed on Monday to be among those compromised.

Hackers were also said to have accessed the private schedule of former Energy Secretary Dan Brouilette.

The Biden administration is still in its "review" process to determine the full extent of the US's exposure from the cyberespionage campaign, and the sanctions and other measures its plans on imposing on Moscow.

In a speech to the Munich Security Conference in February, Joe Biden said that addressing "Russian recklessness and hacking into computer networks" has become critical to protecting collective security.