RNC Denies Data Breach, Says Russian Hackers Only Reached Contractor's Systems

The Republican National Committee (RNC) has denied a report claiming that their computer systems were hit by a successful ransomware attack from the Russian hacker group Cozy Bear last week, saying that an attack did happen but affected one of its contractors only.

A Bloomberg report published Tuesday, based on anonymous sources that the outlet said were familiar with the matter, claimed that RNC computer systems had been comprised in the attack through the California-based firm Synnex. However, RNC Chief of Staff Richard Walters quickly disputed the report, insisting that no RNC data had been compromised.

"Over the weekend, we were informed that Synnex, a third party provider, had been breached," Walters said in a statement obtained by Newsweek. "We immediately blocked all access from Synnex accounts to our cloud environment. Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials on this matter."

Cozy Bear is the same group that is believed to have attacked Democratic National Committee servers prior to the 2016 presidential election. The U.S. government has designated the group "advanced persistent threat APT29," linking its activities to Russian intelligence agencies. Cozy Bear also allegedly carried out the SolarWinds cyberattack that happened late last year.

RNC Hack Cozy Bear Data Breach Denied
The RNC told Newsweek that though a third-party contractor had been hacked, there was no data obtained. DOMINICK REUTER/AFP/Getty

Synnex issued a statement on Tuesday promising that "a thorough review of the attack" on its systems was underway.

"We are a long-term distribution partner for Microsoft and along with them, responded with the requisite urgency to address the recent attacks and to limit the potential activities of these bad actors," Synnex President and CEO Dennis Polk said. "We will remain vigilant and focused on the security of our organization."

The attack on Synnex happened around the same time that an attack on software group Kaseya occurred, potentially affecting up to 1,500 businesses around the world, according to Reuters. Another Russia-linked hacking group, REvil, is believed to be responsible for the attack.

Multiple high-profile ransomware attacks—in which hackers hijack data and often demand large amounts of money to release it—have caused chaos in 2021. The Colonial Pipeline and meat supplier JBS were temporarily paralyzed by ransomware attacks in May.

While cybersecurity experts have alleged that this year's major ransomware attacks were carried out by groups linked to Russia, the Russian government has denied any involvement. In April, President Joe Biden issued an executive order imposing new sanctions on Russia to hold the country "accountable for its malicious cyber activities."

Newsweek reached out to the Department of Homeland Security and the FBI for comment.