Skip To Content
BuzzFeed News Home Reporting To You

Utilizamos cookies, próprios e de terceiros, que o reconhecem e identificam como um usuário único, para garantir a melhor experiência de navegação, personalizar conteúdo e anúncios, e melhorar o desempenho do nosso site e serviços. Esses Cookies nos permitem coletar alguns dados pessoais sobre você, como sua ID exclusiva atribuída ao seu dispositivo, endereço de IP, tipo de dispositivo e navegador, conteúdos visualizados ou outras ações realizadas usando nossos serviços, país e idioma selecionados, entre outros. Para saber mais sobre nossa política de cookies, acesse link.

Caso não concorde com o uso cookies dessa forma, você deverá ajustar as configurações de seu navegador ou deixar de acessar o nosso site e serviços. Ao continuar com a navegação em nosso site, você aceita o uso de cookies.

A Progressive Tech Fellowship Accidentally Made Everyone Think Democrats Were Getting Hacked

A day's worth of hacking confusion stems from a well-meaning tech startup trying to help the Michigan Democratic Party.

Posted on August 23, 2018, at 4:09 p.m. ET

Saul Loeb / AFP / Getty Images

For almost 24 hours, the world thought hackers were targeting Democrats’ VoteBuilder, the party’s “crown jewels” of voter data.

Someone had created a phishing campaign that perfectly mimicked the login page to access VoteBuilder — and on Monday evening, the cybersecurity company LookOut spotted that page and contacted the Democratic National Committee.

Party officials, eager to avoid a reprise of 2016 — when the party’s wariness of the FBI worsened its devastating hack by Russian military intelligence — scrambled to call the FBI for help. Someone tipped CNN, and the headlines quickly spread from there.

But it wasn’t the Russians, or anyone who meant the party ill. It was the work of DigiDems, a progressive fellowship program based in Oakland that embeds tech workers with Democratic organizations.

At the request of the Michigan Democratic Party, DigiDems set off to a common practice for an organization: try to trick party members into falling for realistic phishing scenarios as a means of testing how good employees are at spotting them. But instead of re-creating the login page of the organization they were working for, someone at DigiDems took the unusual step of re-creating the login page of NGP VAN, a third-party company used by Democrats across the country.

In their respective statements, both the MDP and DigiDems called the move a “misstep.”

The national party, despite the embarrassment of their confusion becoming international news, said the incident showed the party is taking cybersecurity seriously.

“Our systems worked exactly the way they're supposed to. Within 24 hours we made the changes to our system we needed to, we alerted the FBI, and we informed state parties. That's a dream compared to 2016,” one party official said.

A BuzzFeed News investigation, in partnership with the International Consortium of Investigative Journalists, based on thousands of documents the government didn't want you to see.