Blaze Media
© 2023 Blaze Media LLC. All rights reserved.
Latest WikiLeaks release shows phishing email that likely gave hackers access to Clinton campaign manager's personal account
Center for American Progress co-founder John Podesta moderates a panel discussion during a conference commemorating the 10th anniversary of the center at the Astor Ballroom of the St. Regis Hotel October 24, 2013 in Washington, DC. Former Clinton Administration Chief of Staff Podesta co-founded the liberal public policy research and advocacy organization as a think tank that rivals conservative policy groups, such as the Heritage Foundation and the American Enterprise Institute. (Chip Somodevilla/Getty Images)

Latest WikiLeaks release shows phishing email that likely gave hackers access to Clinton campaign manager's personal account

"John needs to change his password immediately."

New emails released by WikiLeaks appear to show exactly how hackers gained access to Clinton campaign manager John Podesta's personal account.

"Someone just used your password to try to sign in to your Google Account john.podesta@gmail.com," the email to Podesta read. The message was sent March 19 with the subject line "*someone has your password.*" It was sent from "no-reply@accounts.googlemail.com."

Clinton campaign manager John Podesta (AP Photo/Andrew Harnik)

It provided the following "details" regarding the whereabouts of who it said tried to access Podesta's email, and when:

Saturday, 19 March, 8:34:30 UTC

IP Address: 134.249.139.239

Location: Ukraine

The same email noted that the sign-in attempt was stopped, and encouraged Podesta was encouraged to change his email password "immediately."

Clinton IT staffer Charles Delevan later told Podesta's assistant, Sarah Latham, that the ominous warning was "legitimate."

"This is a legitimate email. John needs to change his password immediately, and ensure that two-factor authentication is turned on his account," Delevan explained.

But as CBS News pointed out Friday, the email encouraging Podesta to change his password wasn't "legitimate," after all. Instead, it appears to be the phishing email hackers used to get Podesta to change his password so they could then gain access to his account.

Delevan included the actual Google link to change a password, but CBS News reported that the person who changed the security feature clicked on the shortened link provided in the initial email, which gave hackers access to Podesta's account. Had the individual clicked on the Google link Delevan sent, the phishing attempt likely would have been unsuccessful.

While the phishing email said someone in Ukraine tried to sign in to Podesta's account, it doesn't necessarily mean that's where the hackers were. The IP Address and location could have been manufactured by whoever eventually gained access to Podesta's account once the password was changed.

The Clinton campaign has blamed Russian President Vladimir Putin and his operatives for Podesta's hacked emails, saying the Kremlin is trying to influence the outcome of the U.S. presidential election.

Want to leave a tip?

We answer to you. Help keep our content free of advertisers and big tech censorship by leaving a tip today.
Want to join the conversation?
Already a subscriber?

Jon Street

more stories