For almost 24 hours, the world thought hackers were targeting Democrats’ VoteBuilder, the party’s “crown jewels” of voter data.
Someone had created a phishing campaign that perfectly mimicked the login page to access VoteBuilder — and on Monday evening, the cybersecurity company LookOut spotted that page and contacted the Democratic National Committee.
Party officials, eager to avoid a reprise of 2016 — when the party’s wariness of the FBI worsened its devastating hack by Russian military intelligence — scrambled to call the FBI for help. Someone tipped CNN, and the headlines quickly spread from there.
But it wasn’t the Russians, or anyone who meant the party ill. It was the work of DigiDems, a progressive fellowship program based in Oakland that embeds tech workers with Democratic organizations.
At the request of the Michigan Democratic Party, DigiDems set off to a common practice for an organization: try to trick party members into falling for realistic phishing scenarios as a means of testing how good employees are at spotting them. But instead of re-creating the login page of the organization they were working for, someone at DigiDems took the unusual step of re-creating the login page of NGP VAN, a third-party company used by Democrats across the country.
In their respective statements, both the MDP and DigiDems called the move a “misstep.”
The national party, despite the embarrassment of their confusion becoming international news, said the incident showed the party is taking cybersecurity seriously.
“Our systems worked exactly the way they're supposed to. Within 24 hours we made the changes to our system we needed to, we alerted the FBI, and we informed state parties. That's a dream compared to 2016,” one party official said.