Google tells senator that nation-state hackers probed his old campaign email accounts

Google has informed Pennsylvania Republican Pat Toomey that nation-state hackers may have tried to breach old accounts associated with his campaign, according to his spokesman.
Pat Toomey
Sen. Pat Toomey. R-Pa., had some phishing attempts sent to old emails. (Flickr/Brookings Institution)

Google has informed Sen. Pat Toomey, R-Pa., that nation-state hackers may have tried to breach old email accounts associated with his campaign, according to Toomey spokesman Steve Kelly.

The probing involved phishing emails to accounts over a year old, and there is no evidence of a breach, according to Kelly. Based on scans of the emails, they did not appear to contain malware, he added.

Toomey, who won re-election in 2016, is not up for re-election again until 2022.

“This underscores the cybersecurity threats our government, campaigns, and elections are currently facing,” Kelly said in a statement Friday. “It is essential that Congress impose tough penalties on any entity that undermines our institutions.”


Kelly’s statement did not say whether the hackers have been tied to a particular country.

Google did not respond to a request for comment by press time.

Toomey is the latest politician to draw the attention of nation-state hackers. Last month, Sen. Claire McCaskill, D-Mo., a critic of Moscow who faces a tough reelection bid, confirmed that Russian government-linked hackers had tried to spearphish her staff.

U.S. officials have warned that the Russian government will continue to try to interfere in the U.S. midterm elections in November.

On Friday, officials from the Department of Homeland Security and the FBI, along with Microsoft and Facebook representatives, briefed state election personnel on recent foreign cyberthreats and influence operations.


During the call, Microsoft officials elaborated on their takedown last week of six internet domains allegedly set up by the same group of Russian hackers that targeted McCaskill and breached the Democratic National Committee before the 2016 presidential election. The domains spoofed those associated with the U.S. Senate and two conservative organizations that promote democracy.

“With the 2018 midterms just around the corner everyone in the election and cybersecurity community must remain vigilant,” said Jim Condos, president of the National Association of Secretaries of State, which took part in the briefing.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts