A hacker’s release of personal contact information about House Democrats triggered a series of “sick calls, voicemails and text messages,” House Minority Leader Nancy Pelosi said Saturday.
The California lawmaker was responding to the latest hacking incident, into the House Democratic campaign arm, the Democratic Congressional Campaign Committee, which on Friday night published members’ personal cell phone numbers and some private email addresses. The hacker going by “Guccifer 2.0” claimed credit.
“I was in the air flying from Florida to California when the news broke,” Pelosi said in a message to Democratic colleagues. “Upon landing, I have received scores of mostly obscene and sick calls, voicemails and text messages. Please be careful not to allow your children or family members to answer your phone or read incoming text messages.”
Pelosi also advised House Democrats affected to change their phone numbers, following her lead.
The information was published to a WordPress blog along with log-in materials for subscriptions the DCCC uses.
A phone call was held Saturday evening for members with the House sergeant-at-arms office, and cybersecurity experts who have been investigating the hack.
This is the latest high-profile hack since the release of Democratic National Committee emails that led to the resignation of Chair Debbie Wasserman Schultz, an episode Pelosi called an “electronic Watergate.”
One leading Democratic member of Congress told CNN he got some “nasty phone calls” as well as texts and emails following the disclosure of personal information.
The member, who requested anonymity because he didn’t want to encourage more negative taunts coming his way, described some of the messages he received as “expletive Democrat” or “expletive Hillary” or “expletive Congress.”
Some members of Congress as well as some staff members Saturday quickly changed their phone numbers after the information was made public late Friday.
“It is scary that your privacy can be lost” so quickly, the member said.
Besides members having to endure a barrage of hate messages, they are also being warned to be careful.
“There certainly can be a security threat,” the member said.
One major concern are the emails sent to the members or the staff could include website links with malware or phishing attempts to steal identities or financial information. Congressional security officials have warned members and staff not to click on websites they are not familiar with.
There was a phone briefing for members on Saturday evening to answer their questions and give advice, and the hack will also be discussed Tuesday in a regularly scheduled conference call.
“A lot of members are trying to get the word on what is best to do,” said the congressman.
While the hacker or hackers known as “Guccifer 2.0” claims to have released the information about the Democratic congressional members and staffers through a blog, that is not the only mechanism being used to publicize private information.
A Washington area cyber security firm, ThreatConnect, has released a new analysis tying documents from various hacks by “Guccifer 2.0” to a website called DCLeaks, which calls itself “a new level project aimed to analyze and publish a large amount of emails from top-ranking officials and their influence agents all over the world” and has been publishing documents since this past spring.
While the US government has not formally blamed Russia for these hacks, privately intelligence and law enforcement sources it is the most likely suspect.
Some private cyber security experts also believe “Guccifer 2.0” is somehow connected to Russia and its intelligence operation.
“He is using a Russian-based VPN service” for transmitting, Toni Gidwani, director of research operations at ThreatConnect, told CNN. “It all points back to Russia.”
Exactly how all of the pieces fit together is something both the US government and private experts are trying to piece together.
“We assess that DCLeaks is another Russian influence operation, possibly put on by the same Russian actors behind the “Guccifer 2.0″ persona,” states the ThreatConnect analysis.
Analysts are examining language used when posting and other signs to try to determine if “Guccifer 2.0” is a real person, a group of people, or just a front.
Guccifer 2.0 has not publicly mentioned the DCLeaks, but officials from ThreatConnect say there is evidence “Guccifer 2.0” had prior knowledge of what was going to be published on DCLeaks.
Most of what DCLeaks has made public has focused on individual Democrats such as a Hillary Clinton aide and liberal Democratic donor George Soros. It also published emails from retired General Philip Breedlove, who had served as NATO supreme commander who wanted to be more aggressive against Russia regarding Ukraine.
Also posted on the site — something that has not generated a lot of attention – were just under 300 purported emails from Republicans. Those messages were first posted in June and include several from Sen. Lindsey Graham’s Senate account, including mentions on social media and speaking invitations and a store receipt sent to Sen. John McCain’s campaign.
“It suggests the Republicans have been targeted,” said ThreatConnect’s Gidwani. She added however analysts don’t know whether this shows the hacking was really aimed at members of both parties or just an attempt to make it look that way.
It is not known how those documents were obtained. Spokesmen for DCLeaks, Graham and McCain did not respond to requests for comment.