In his now infamous July press conference, FBI director James Comey described Clinton’s management of her private email server to be “extremely careless” even though he thought her shortcomings didn’t warrant criminal charges. Of course we are all now well aware that, despite comments made to the contrary to Congress, Hillary’s private server contained dozens of email chains that had classified documents, including eight whose contents were “top secret.” While Comey noted that the FBI could find no evidence that any of those classified documents had been compromised, he also cautioned that they might lack the forensic records to know if they had been.
Turns out that at least one email account housed on Hillary’s private server was hacked in January 2013. The email account belonged to an undisclosed female staffer in President Clinton’s office. The hacker apparently used an anonymity software known as “Tor” to login to the account to browse “e-mail folders and attachments.” According to FBI notes, the FBI “was unable to identify the actor(s) responsible for this login or how [staffer’s] login credentials were compromised.”
According to a former NSA analyst, Dave Aitel, while the breach doesn’t necessarily “indicate any inherent vulnerability of the Clintons’ server” it does confirm the FBI’s assessment that management of the server was “extremely careless.” Per Wired:
Though the single-user email breach doesn’t indicate any inherent vulnerability in the Clintons’ server, it does show a lack of attention to its access logs, says Dave Aitel, a former NSA security analyst and founder of security firm Immunity. “They weren’t auditing and restricting IP addresses accessing the server,” Aitel says. “That’s annoying and difficult when your user is the Secretary of State and traveling all around the world…But if she’s in Russia and I see a login from Afghanistan, I’d say that’s not right, and I’d take some intrusion detection action. That’s not the level this team was at.”
While President Clinton’s staffer likely didn’t have access to any of the classified materials found in Hillary’s email the breach is substantial in that it provides additional evidence that the server was not properly managed. If nothing else, it provides additional fodder for the Trump campaign to call into question Hillary’s competency to serve as commander-in-chief.
* * *