The FBI Didn't Warn Democrats About Russian Hackers

The DNC and DCCC hacks could've been handled better.

Getty Images / Chip Somodevilla

The FBI suspected last year that state-sponsored Russian hackers might be after the Democratic Party, but chose not to tell party officials for fear of blowing up their own investigation.

Reuters reports that the FBI “did not warn party officials that the attack was being investigated as Russian espionage” for several months.

Because the agency withheld this information, the DNC was unable to protect sensitive information about its donors, email correspondence, and other data that was compromised as a result of the hack. The FBI could’ve helped the DNC keep that information safe; it chose not to.

Sharing that information also might have helped the Democratic Congressional Campaign Committee (DCCC) safeguard the information stolen in a related hack. That hack is believed to have occurred at the same time as the DNC hack, and the two organizations share an office space in Washington, D.C.

This revelation is especially damning now that the Department of Justice has been instructed to investigate the DNC hack as a potential national security breach. Yet there are some who believe that the FBI couldn’t reveal that information because it would’ve required it to discuss an ongoing operation.

“There is a fine line between warning people or companies or even other government agencies that they’re being hacked – especially if the intrusions are ongoing – and protecting intelligence operations that concern national security,” an anonymous official familiar with the FBI’s investigation told Reuters. Call it a catch-22: revealing the hack was a national security risk; so was keeping it secret.

Despite what one presidential hopeful might think — three guesses as to which one — these hacks aren’t a joke or something to celebrate. If the FBI is correct about Russia supporting the hacks, and it’s apparently believed this for a while so it’s hard to think the attribution will change, this is a real cyber attack.