Pagliano Emails Detail Attempts to Hack Clinton Unsecure Email Server 10 Times in Two Days in November 2010 – U.S. Secret Service Informed of Hacking Attempts
NOVEMBER 01, 2016
Pagliano Warned Bill Clinton Aide Justin Cooper, ‘We’d Be Susceptible to Such an Attack’
(Washington, DC) – Judicial Watch today released new State Department documents detailing repeated efforts to hack into the unsecure non-state.gov email system used by former Secretary of State Hillary Clinton in November 2010. The hacks are detailed in email exchanges between State Department IT official Brian Pagliano and Bill Clinton aide Justin Cooper. The emails show the system was hacked 10 times in two days from November 27 to 29.
The documents also reveal that Pagliano warned Cooper that because of an outside service vendor relied upon by the Clinton system, “we’d be susceptible to such an attack.” Cooper subsequently informed the U.S. Secret Service of the attempted hacks, providing agents with each of the ten reports and summaries Pagliano had provided him.
The new documents were among the nearly 15,000 Clinton emails discovered by the FBI, and obtained in response to an April 8, 2016, federal court order directing the Department of State to begin producing materials for Judicial Watch in response to a September 3, 2015 Freedom of Information Act (FOIA) lawsuit (Judicial Watch, Inc. v. U.S. Department of State (No. 1:15-cv-01441)). The lawsuit was filed after State failed to comply with an August 5, 2015 FOIA request seeking information about Bryan Pagliano’s involvement with Clinton’s email system.
The ten emails from Pagliano alerting Cooper to the apparent hacking attempt began on the morning of Saturday, November 27, 2010, and continued through Monday, November 29. Each of the ten alerts contained the same message, apparently from the cyber security firm Symantec: “There was a failed logon attempt logged on the server. To check who it was log onto the server and double click on the toolbox icon labeled Failed_Logon_Attempt….”
On both November 29 and November 30, Pagliano sent Cooper emails detailing the attempted hack:
From: Bryan Pagliano
To: Justin Cooper
Sent: Monday, Nov 29 10:48:31 2010
So, to update you…
The failed logon attempts on the 27th were for username doug and dougband, the failed logon attempts on the 29th were for username huma. Would be useful to know if it was them who tried to log in…
From: Bryan Pagliano
Date: November 30, 2010 12:22:55 AM EST
To: Justin Cooper
Weird, looks like the attack came from 126.96.36.199 and started at around 5pm.
It’s a company called OpenDNS, they are a fairly reputable organization.
The traffic seems to have cleared up at about 11:50pm. I wonder if they had someone launching an attack from their servers.
That may explain the DNS issue we had earlier. Might have been an injection attack [NOTE: most common and successful attacks on the internet due to their numerous types, large attack surface, and the complexity required to protect against them]. We use their servers to resolve external websites for both the sbs and blackberry server so we’d be susceptible to such an attack. [Emphasis added]
Later on November 30, Cooper sent the entire email exchange with Pagliano to the Secret Service. Before providing Judicial Watch with Cooper’s email reports, the State Department redacted the identity of Cooper’s intended recipient with the notation “REFERRED FOR CONSULTATION – USSS.” The State Department redacted the recipient under a “B7 (C)” FOIA exemption, which is “Law enforcement information whose disclosure would constitute an unwarranted invasion of personal privacy.”
“These new emails show that the Clinton email server was subject to an aggressive and targeted hacking attempt. And we now know that yet another government agency, the United States Secret Service, not only knew about the Clinton email system but that it was the target of hacking,” stated Judicial Watch President Tom Fitton. “The Clinton email scandal has now widened to yet another Obama administration agency.”