Former Tennessee Gov. Phil Bredesen fears his 2018 U.S. Senate campaign has been hacked, potentially marking the first known cyberattack targeting the November mid-terms merely eight months until Election Day.
Campaign aides last month “received multiple emails that appeared to be from the campaign’s media buyer,” Robert E. Cooper Jr., an attorney for Mr. Bredesen’s Democratic campaign, wrote the FBI in a letter sent to the bureau’s Memphis division Thursday.
The emails included specific details about an intended media buy and “urged the campaign to wire funds to an international bank account,” CNN reported.
“Thanks to alert action by campaign management, no funds were diverted,” the attorney wrote. “However, due to the fact that the impostors knew the media buy was imminent, we are concerned that there has been an unauthorized intrusion into the extended campaign organization.”
An FBI official confirmed receiving the campaign’s letter but declined to comment further, CNN reported.
The campaign has hired a security firm “to determine the extent of any breaches and review security protocols,” and that review is ongoing, the attorney’s letter said.
Malicious cyber activity continued to target the Democrat’s campaign as recently as this week, according to Mr. Bredesen.
“On Wednesday afternoon (March 7) you may have received an email, coming from a spoofed email address, that appeared to come from me, asking you to click a link to view a shared document,” Mr. Bredesen wrote in an email sent to his contact list Thursday. “Unfortunately, this email is part of a cyber intrusion into my extended campaign organization, including an unsuccessful attempt to divert campaign funds to offshore accounts. The FBI has been contacted and is involved.”
“The spoofed emails that I have personally seen have come from the domain ’bredesens.com”’ (note the extra ’s’ at the end of my name) and not my own ’bredesen.com’—it’s easy to mistake one for the other, the obvious purpose,” he wrote. “Vendors to the campaign have been similarly spoofed with fake domain names looking similar to the real ones.”
Spoofing domain names is a tactic utilized routinely by hackers hoping to trick targets into clicking malicious links or opening booby-trapped attachments. A spoofed email purportedly sent by Google tech support has been attributed with causing the data breach suffered during the 2016 U.S. presidential campaign by Democratic candidate Hillary Clinton’s campaign manager, John Podesta. Last month, meanwhile, suspected state-sponsored hackers masqueraded as a British publishing company as part of a phishing campaign targeting foreign affairs agencies and ministries in North America and Europe, according to security researchers.
The Podesta hack and other breaches have been linked to an alleged election meddling operation authorized by Russian President Vladimir Putin, and U.S. intelligence officials have repeatedly warned that Moscow may interfere in the upcoming midterms.
“We have seen Russian activity and intentions to have an impact on the next election cycle,” CIA Director Mike Pompeo told the Senate Intelligence Committee last month.
Mr. Bredesen served as Tennessee’s governor from 2003 through 2011. He’s running in November against U.S. Rep. Marsha Blackburn, Tennessee Republican, for the seat currently occupied by outgoing GOP Sen. Bob Corker.
“Cybersecurity is a serious issue, and we must do more to prevent bad actors from being able to access private information,” Blackburn campaign spokeswoman Andrea Bozek told the Associated Press.
Anyone who received an email purportedly sent from Mr. Bredesen this week should delete the message without clicking the included link, he said Thursday.
“I’m sorry for this inconvenience; this sort of thing is rapidly becoming one of the unpleasant facts of life,” his email concluded.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.