The House is under attack by hackers hoping to infiltrate congressional computers, encrypt their contents, and then force users to pay a ransom to get their access back.
“In the past 48 hours, the House Information Security Office has seen an increase of attacks on the House Network using third party, web-based mail applications such as YahooMail, Gmail,” the House’s Technology Service Desk wrote in an email to House staffers on April 30.
According to the email, obtained by The Intercept, the hacked emails impersonate familiar people and invite staffers to download an attachment laced with malware — what’s known as a “phishing” attack.
“When a user clicks on the link in the attack email, the malware encrypts all files on that computer, including shared files, making them unusable until a ‘ransom’ is paid,” the email said.
But House administrative offices refused to say how many, if any, attacks have been successful, what sort of data may have been affected, or how much has been paid in ransom, if anything.
“The potential for ransomware attacks the House faces is similar to any large organization,” a spokesperson for the chief administrative officer of the House wrote in a statement to The Intercept. “The House recognizes the importance of taking steps to employ a cybersecurity plan to protect our infrastructure, and we constantly work to improve training and education for all House users.”
A lockdown on parts of the House internet network — from Wi-Fi to Ethernet — remains ongoing.
Access to both YahooMail and Google Cloud services hosted by Google’s appspot.com appear to be completely blocked on the House’s network, according to Ted Henderson, a former Hill staffer and founder of two social-network applications designed for Capitol Hill communication: Cloakroom and Capitol Bells. It’s unclear if both blockages, not just Yahoo’s, are related to the ransomware attacks.
Henderson says his several thousand users cannot post to the social networks inside the House office buildings. The way Cloakroom works, you’re normally able to log in either anonymously simply by using Capitol Hill Wi-Fi or with your staff email address. The Senate office buildings don’t appear to be affected.
“This is the first time I’ve seen this happen at a scale like this in five years,” Henderson wrote The Intercept in an email.
In recent months, several lawmakers have penned letters asking the Obama administration how it’s dealing with the problem of ransomware — a type of attack more than two dozen government agencies have admitted to confronting in the past as well.
Now that Congress itself is the target, security researchers are hopeful the issue will draw more national attention. “What you’re seeing in Congress is just part of what’s happening,” Markus Jakobsson, founder of ZapFraud, a scam email detection service, and an expert on phishing attacks, told The Intercept. “This will hopefully bring some awareness to decision makers. … Once they start [going after Congress], there will be changes.”
Ransomware attacks take many forms. Some hackers have managed to infect entire websites with malware.
It’s not clear whether the current spate of attacks on the House network was targeted, or whether House users just happened to find themselves among the ever-growing number of victims.
Ransomware is a major and growing threat to security. Just the day before the House emailed its staff about the attacks, the FBI published a press release titled “Incidents of Ransomware on the Rise,” warning that “hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses” are all under increasing threat of being hacked and ransomed.
Nonprofit health care organization Health Information Trust Alliance warned in April that more than half of 30 hospitals it surveyed were infected with malware — most of it ransomware. Los Angeles hospital Hollywood Presbyterian paid $17,000 to recover its data in March.
Police departments have also been victims of ransomware attacks, sometimes forced to pay up to recover everything. One police chief compared the extortion to “what felt like terrorist threats.”
It’s not at all clear how to solve the problem, though researchers have come up with some solutions and recommendations. “This is something that the technical community is still struggling with getting a firm grip on,” Jakobsson said.
He suggests Congress install several levels of filters to detect possible spam and scams, back up their data, and launch awareness campaigns to alert people to the reality of the problem. “The problem of social engineering is so vast that you can’t just do one and hope that’s enough,” he said.
IT’S EVEN WORSE THAN WE THOUGHT.
What we’re seeing right now from Donald Trump is a full-on authoritarian takeover of the U.S. government.
This is not hyperbole.
Court orders are being ignored. MAGA loyalists have been put in charge of the military and federal law enforcement agencies. The Department of Government Efficiency has stripped Congress of its power of the purse. News outlets that challenge Trump have been banished or put under investigation.
Yet far too many are still covering Trump’s assault on democracy like politics as usual, with flattering headlines describing Trump as “unconventional,” “testing the boundaries,” and “aggressively flexing power.”
The Intercept has long covered authoritarian governments, billionaire oligarchs, and backsliding democracies around the world. We understand the challenge we face in Trump and the vital importance of press freedom in defending democracy.
We’re independent of corporate interests. Will you help us?
IT’S BEEN A DEVASTATING year for journalism — the worst in modern U.S. history.
We have a president with utter contempt for truth aggressively using the government’s full powers to dismantle the free press. Corporate news outlets have cowered, becoming accessories in Trump’s project to create a post-truth America. Right-wing billionaires have pounced, buying up media organizations and rebuilding the information environment to their liking.
In this most perilous moment for democracy, The Intercept is fighting back. But to do so effectively, we need to grow.
That’s where you come in. Will you help us expand our reporting capacity in time to hit the ground running in 2026?
We’re independent of corporate interests. Will you help us?
I’M BEN MUESSIG, The Intercept’s editor-in-chief. It’s been a devastating year for journalism — the worst in modern U.S. history.
We have a president with utter contempt for truth aggressively using the government’s full powers to dismantle the free press. Corporate news outlets have cowered, becoming accessories in Trump’s project to create a post-truth America. Right-wing billionaires have pounced, buying up media organizations and rebuilding the information environment to their liking.
In this most perilous moment for democracy, The Intercept is fighting back. But to do so effectively, we need to grow.
That’s where you come in. Will you help us expand our reporting capacity in time to hit the ground running in 2026?
We’re independent of corporate interests. Will you help us?
Contact the author:
Latest Stories
Kash Patel Got Arrested for Public Urination After a Night of Drinking
The FBI director was arrested twice in his youth for alcohol-related incidents that he said were “not representative of my usual conduct.”
Chilling Dissent
“We Knew They Were Paying Informants”: SPLC Donors Reject Trump DOJ Fraud Claims
Twenty donors to the Southern Poverty Law Center said the alleged “fraud” being prosecuted in their name was exactly how they hoped the group would spend their money.
Palantir Is Helping Trump’s IRS Conduct “Massive-Scale” Data Mining
Military contractor Palantir has been paid more than $130 million by the IRS to analyze sensitive federal databases.