The personal Gmail accounts of an unspecified number of US senators and Senate staff have been targeted by foreign government hackers, a Google spokesperson confirmed to CNN on Thursday.
On Wednesday, Sen. Ron Wyden, an Oregon Democrat, wrote in a letter to Senate leadership that his office had learned that “at least one major technology company has informed a number of Senators and Senate staff members that their personal email accounts were targeted by foreign government hackers.”
Google confirmed it was the company Wyden was referring to, but would not say which senators were targeted or when the attempted intrusions were detected.
The senators and their staff targeted were both Republicans and Democrats, a Senate aide told CNN.
Google would not say whether the targeting had resulted in a successful hack but pointed to a blog post on its website about its government-backed hacking warnings that says, “We send these out of an abundance of caution — the notice does not necessarily mean that the account has been compromised or that there is a widespread attack. Rather, the notice reflects our assessment that a government-backed attacker has likely attempted to access the user’s account or computer through phishing or malware, for example.”
The news serves as a reminder of cyber vulnerabilities with just weeks to go before the midterm elections.
In 2016, the Gmail account of Hillary Clinton’s then-campaign chairman, John Podesta, was successfully targeted by Russian hackers and resulted in the release of thousands of campaign-related emails.
Last month, Microsoft announced it had thwarted part of a Russian military intelligence operation targeting the Senate and Washington think tanks.
Wyden expressed “serious concern” on Wednesday that the Senate Sergeant at Arms, which oversees security, lacked the authority to protect senators and staff from sophisticated cyberattacks.
Wyden said he is introducing legislation that would permit the Sergeant at Arms to “provide cybersecurity assistance to Senators and staff, on an opt-in basis, for their personal devices and accounts.”