Trump campaign allegedly hacked, blames Iran for stealing internal communications
Iranian hacking activities are aligning more with legacy Russian cyber operations, a former top CISA official said.
Donald Trump’s presidential campaign was hacked and has attributed the exfiltration of internal campaign communications to Iranian operatives, a spokesperson said Saturday.
Politico first reported the news, when it began receiving emails from an anonymous account that contained the internal conversations. The former president’s campaign manager also alluded to a Microsoft report that said Iranian operatives attempted to access an account belonging to a former presidential candidate, which the company had declined to name.
“These documents were obtained illegally from foreign sources hostile to the United States, intended to interfere with the 2024 election and sow chaos throughout our Democratic process,” campaign spokesperson Steven Cheung said in a statement to Politico.
“On Friday, a new report from Microsoft found that Iranian hackers broke into the account of a ‘high ranking official’ on the U.S. presidential campaign in June 2024, which coincides with the close timing of President Trump’s selection of a vice presidential nominee,” the statement adds.
It’s unknown whether the Trump campaign is in touch with Microsoft or law enforcement officials. The FBI said it was aware of reports but declined to comment further. The Cybersecurity and Infrastructure Security Agency declined to comment.
The Trump presidency in 2017 became the center of controversy when the Justice Department launched an investigation into whether Russia interfered in the 2016 presidential election. Special Counsel Robert Mueller later determined Trump and his allies had encouraged the hack but that there was insufficient evidence to bring criminal charges against the former president.
In the prior year, the Democratic National Convention was hacked by what intelligence officials concluded to be Russian operatives, with the bad actors making off with sensitive information linked to then-Democratic presidential candidate Hillary Clinton.
The attribution to Iran coincides with recent CNN reporting that said the Secret Service increased security around Trump’s 2024 campaign events after intelligence officials determined that Iran was attempting to assassinate the former president. There was no indication that Thomas Matthew Crooks — the assailant who attempted to kill Trump last month — was connected to Iran, according to the report.
“Behold the Russification of Iranian info ops! A nasty business; expanding & diversifying attempts to further divide Americans and disrupt democracy,” said Chris Krebs, the former director of CISA in a post on X.
Trump fired Krebs in 2020 after the latter led an aggressive post-election campaign to debunk misinformation about baseless claims of voter fraud that were touted by Trump and his then-White House allies.
When Politico pressed the purported hacker, known only as “Robert” about how the documents were obtained, they wrote back, “I suggest you don’t be curious about where I got them from. Any answer to this question, will compromise me and also legally restricts you from publishing them.”
The stolen documents allegedly contained an analysis of Trump running mate JD Vance, an Ohio senator.
The Interests Section of the Islamic Republic of Iran — a unit of Pakistan’s embassy in Washington, D.C. serving as the Iranian government’s de facto representative in the U.S. — did not return a request for comment.
“We can’t speak to the cybersecurity of the Trump campaign and we of course don’t know how the documents were obtained. However, this should be a wakeup call to all campaigns large and small that campaigns are targets of nation states, hacktivists and cybercriminals,” said Michael Kaiser, president and CEO of the nonprofit Defending Digital Campaigns.
“Unfortunately, this isn’t even the new normal. It’s just normal,” said Jake Braun, the former White House acting principal deputy national cyber director who helped create the first ever “Voting Machine Hacking Village” at the annual DEF CON hacking conference.
Iran “may attempt to conduct influence operations” aimed at U.S. elections, having done so in the past, according to recent intelligence community findings.