By Jim Finkle
(Reuters) – U.S. Democratic National Committee officials incorrectly interpreted security testing conducted on behalf of Michigan Democrats as a sign foreign hackers were looking to attack a party voter database, a DNC source said on Thursday.
The DNC earlier on Thursday blamed the incident on a “third party” who built a mockup of the party’s VoteBuilder site in a security simulation.
Officials mistook the testing to be part of a malicious “phishing” effort to trick political workers into providing hackers with credentials for accessing party networks, DNC Chief Security Officer Bob Lord said in a statement.
To get more stories like this, subscribe to our newsletter The Daily.
Michigan Democratic Party chair, Brandon Dillon, issued a statement confirming that “alarms were set off” by security tests conducted on behalf of the state party organization.
Dillon and party officials could not be reached to elaborate on the brief statement.
The false alarm came as political parties and U.S. law-enforcement agencies are on high alert for signs of foreign hacking. U.S. officials recently warned that Russia is looking to interfere in the November mid-term elections.
Democrats have invested heavily in bolstering party cyber defenses after U.S. intelligence agencies determined that Russia used hacking as part of an effort to bolster support for Donald Trump’s 2016 presidential campaign. Russia has repeatedly denied those claims.
“Everyone is very jumpy and they check under their beds at night for Russian trolls,” said Jim Lewis, a hacking expert with the Washington-based Center for Strategic & International Studies.
The DNC reported the matter to the FBI, then went public with its concerns that it was under attack, after reviewing reports from two companies that said they had uncovered a mock login page for VoteBuilder website.
“The party took the necessary precautions to ensure that sensitive data critical to candidates and state parties across the country was not compromised,” Lord said in his statement.
“We are extremely relieved that this wasn’t an attempted intrusion by a foreign adversary,” he added.
DNC officials declined to elaborate.
VoteBuilder, designed by election technology firm NGP VAN, is frequently accessed by state parties and campaign managers in the field.
(Reporting by Jim Finkle in New York; Additional reporting by Christopher Bing in Washington, Jack Stubbs in London and Tim Reid in Chicago; Editing by Nick Zieminski)
