DNC: Fake login page was a test, not a hack

The Democratic National Committee (DNC) said late Thursday that the fake login page it had reported as a potential hack on its database was actually a test.

DNC chief security officer Bob Lord said in a statement provided to The Hill that the organization now believes the site, apparently designed to be used in a spear-phishing attack, “was built by a third party as part of a simulated phishing test” on the service that hosts the database, VoteBuilder.

“The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors,” Lord said,.

{mosads}“There are constant attempts to hack the DNC and our Democratic infrastructure, and while we are extremely relieved that this wasn’t an attempted intrusion by a foreign adversary, this incident is further proof that we need to continue to be vigilant in light of potential attacks,” he said.

The DNC said on Wednesday that a private security firm unaffiliated with the organization had detected an attempt to hack into the database, finding a fake website designed to look like the login page that would solicit users to enter their credentials. The group reported the attempted hack to the FBI.

The Washington Post reported that the Michigan Democratic Party had contracted a third-party vendor to carry out the test.

Brandon Dillon, the chair of the Michigan Democratic Party, characterized the test as a “misstep” in a statement to The Hill.

“In an abundance of caution, our digital partners ran tests that followed extensive training. Despite our misstep and the alarms that were set off, it’s most important that all of the security systems in place worked,” Dillon said, adding that the party “will continue to work with our partners, including the DNC, to protect our systems and our democracy.”

The 2016 hack of the DNC, also carried out through a spear-phishing attack, propelled the group to step up its cybersecurity efforts.

The report of the attempted hack came shortly after Microsoft announced that it had seized and shut down six domains designed to look like web pages affiliated with a pair of conservative think tanks and the Senate, which the company said could have potentially been used to carry out spear-phishing attacks.

Microsoft said it had no evidence that a cyberattack was facilitated through the sites. 

—Updated at 11:55 a.m.