It seems too incredible to be true, but one of the most politically well-connected men on the planet apparently had his email hacked when he responded to a phishing email and entered his credentials. According to Politico, a security firm hired to assess the breach into Clinton campaign chair John Podesta's email has confirmed the assessment of numerous intelligence agencies that Russian hackers were responsible for the breach.
However, what had not previously been disclosed is that hackers gained access to his email by successfully getting him to respond to a phishing scam:
Hillary Clinton campaign chairman John Podesta’s Gmail account was hacked by the same Russian intelligence-linked hackers that breached the DNC and the DCCC, researchers confirmed Thursday.
Podesta unwittingly gave hackers access to his account by clicking a Bitly link that redirected him to a fake Google login page, where he entered his credentials.
The specific fake Google domain is what led the security firm to conclude that the Russians were behind the hack:
Security researchers have long tied Fancy Bear to Russia's military intelligence agency, the GRU.
Motherboard’s story included a redacted screenshot of the malicious Bitly link’s analytics page that showed the link redirecting to Fancy Bear’s fake Google domain. POLITICO independently reviewed the bit.ly link’s analytics page and confirmed with SecureWorks that the domains matched.
As a result of Podesta's carelessness, thousands of his emails have been posted to the site WikiLeaks, many of which have proven to be extremely damaging to the Clinton campaign politically.