Update: Zuckerberg Said He ‘Misspoke’ About Alerting Campaigns to Russian Hacking Attempts

Mark Zuckerberg revealed that Facebook’s security team identified Russian government hackers targeting US presidential campaigns and notified them of the hack attempts.

|
Apr 10 2018, 9:04pm

Image: Alex Wong/Getty Images

Facebook detected Russian government hackers targeting the Facebook accounts of campaign officials before the 2016 presidential election, Mark Zuckerberg revealed during a congressional hearing on Tuesday. UPDATE, Apr. 11, 12:29 p.m. ET: On Wednesday, Zuckerberg clarified that he actually meant they notified the RNC and DNC, not the individual presidential campaigns.

"When I was referring to the campaigns yesterday I meant the DNC and RNC. So I may have misspoken and maybe technically that's called the committees, but those were the folks I was referring to," Zuckerberg said.

The original article follows below.

The company founder said that the company spotted the hackers’ attempts and then alerted the campaigns that the hackers were going after them. In response to a question by Sen. Dianne Feinstein about Russian interference in the US elections, Zuckerberg said Facebook thought people with political connections might get hacked, but didn’t expect a disinformation campaign.

"We expected them to do a number of more traditional cyberattacks, which we did identify and notify the campaigns that they were trying to hack into them,” Zuckerberg said.

Zuckerberg appeared Tuesday in front of the Senate Judiciary and Commerce committees for the first of two congressional hearings he’s scheduled to be at this week. The Facebook founder agreed to appear on Capitol Hill for the first time ever after the recent series of scandals involving the internet giant. Last month, news reports revealed that data mining company Cambridge Analytica had obtained the personal data of more than 50 million American Facebook users, which was originally collected with a seemingly innocuous quiz app.

Read more: The Motherboard Guide To Using Facebook Safely

In 2016, Russian hackers working for the country’s intelligence agencies broke into the email accounts of several campaign and party officials, and American politicians, including Hillary Clinton’s campaign chairman John Podesta, former George W. Bush administration official Colin Powell, and many others. The hackers targeted hundreds of email addresses with phishing links designed to trick them into stealing their passwords, and were able to break into some of them.

It’s unclear if the hackers were successful in their attempts to gain access to Facebook accounts connected with the presidential campaigns. But until today, Facebook hadn’t revealed that it detected the intrusion attempts and alerted the campaigns. Feinstein’s question was about the Russian attempts to influence elections, not Russian attempts to break into accounts. The senator did not follow-up and Zuckerberg didn’t say anything else on these hacking attempts.

A former member of the Hillary Clinton presidential campaign said they were not aware of Facebook notifying the campaign of hacking attempts.

After this story was published, Robby Mook, the former campaign manager for Clinton, confirmed that Facebook didn't alert their campaign.

"This is not true. We were never notified," Mook tweeted. "I hope Zuckerberg and Facebook correct the record."

Facebook's chief security officer replied to Mook saying that the company did contact the DNC and RNC "during this time to protect the accounts of key employees and to work together to spot potential additional malicious activity."

On Wednesday morning, Brad Parscale, who worked as digital media director for the Donald Trump 2016 campaign also contradicted Zuckerberg's statement. In a tweet, Parscale said that "Facebook needs to get their stories straight."

"I wasn't told about this," Parscale tweeted.

A Facebook spokesperson responded to our request for comment sending a link to Stamos' tweet.

Finally, on Wednesday, during a House hearing, Zuckerberg clarified his statement, explaining that he didn't mean to say they alerted the presidential campaigns.

"When I was referring to the campaigns yesterday I meant the DNC and RNC. So I may have misspoken and maybe technically that's called the committees, but those were the folks I was referring to," Zuckerberg said.

Got a tip? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at lorenzo@jabber.ccc.de, or email lorenzo@motherboard.tv

In September 2017, the Washington Post reported that Facebook was tracking one of the Russian government hacking groups, known as APT28 or Fancy Bear. The company alerted the FBI that the hackers were setting up fake accounts to spread disinformation and that they were working on an espionage operation.

Of course, as Johns Hopkins professor Thomas Rid pointed out on Twitter, Facebook “likely has *extraordinary* telemetry,” referring to an industry term for data about cyberattacks. Companies with large security teams and users that can be targeted by nation-state hackers have incredible amounts of information about those hackers. Google, for example, has been tracking Russian government hackers for years.

This story has been updated to include Robby Mook's tweet, Alex Stamos' reply to it, Brad Parscale's tweet, Facebook's spokesperson response to our requests for comment, and Zuckerberg's clarification.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.