DNC notifies FBI of attempted hack of voter database

The Democratic National Committee (DNC) has notified the FBI of what it believes to be an attempt to hack into its voter database, according to Wednesday news reports.

A Democratic source told CNN that the organization received an alert early Tuesday that a fake login site had been created to try and obtain usernames and passwords from those seeking to access the database.

The alert was reportedly issued by the cloud service provider for the database and the San Francisco–based security firm Lookout.

{mosads}The fake pages were designed to look like the site used by Democratic officials and candidates across the country to access a service called Voterbuilder, which itself hosts the voter database.

The source said that the DNC did not have any evidence that the database had been accessed or changed.

The Hill has reached out to the DNC and the FBI for comment.

The DNC has stepped up its cybersecurity efforts after the organization was hacked in 2016 by what was later revealed to be Russian military officers.

Lookout’s vice president of security intelligence, Mike Murray, told CNN that the fake login site was “very convincing.”

“It would have been a very effective attack,” he said.

The described pages fit the description of a spear-phishing attack, the technique used in the 2016 hack of the organization. 

DNC chief security officer Bob Lord informed Democrats of the attempt on Wednesday, during a meeting of the Association of State Democratic Committees.

“These threats are serious, and that’s why it’s critical that we all work together, but we can’t do this alone. We need the [Trump] administration to take more aggressive steps to protect our voting systems. It is their responsibility to protect our democracy from these types of attacks,” Lord said in a statement provided to CNN.

Special counsel Robert Mueller last month indicted 12 Russian agents in the 2016 DNC hack, part of his larger probe into Moscow’s interference in the presidential election.

The CNN report comes one day after Microsoft announced that it had shut down six fake domains mimicking websites for the Senate and two conservative think tanks. The company said that it had “no evidence these domains were used in any successful attacks before” the company seized them, “nor do we have evidence to indicate the identity of the ultimate targets of any planned attack involving these domains.”

Microsoft said it believed Fancy Bear, the Russian hacker group that was behind the 2016 DNC hack, also created the fake domains.