John Podesta, the Clinton campaign chairman whose hacked emails have exposed countless Democratic secrets to the world, was warned in 2008 to start protecting sensitive documents “by at least encrypting them.”
The warning came in an unencrypted email chain forwarded by Denis McDonough, then a top Obama campaign aide and currently the White House chief of staff, to Podesta, who at the time was running Obama’s transition team.
McDonough initially sent the warning to Obama economic adviser Daniel Tarullo in an email on November 3, 2008, the day before President Obama’s election victory, presumably in response to a detailed November 2 memo Tarullo sent around about the upcoming G-20 meeting President Bush had called to discuss the ongoing financial crisis.
I was struck by the memo partly because it was first I had heard of it but much more because it was a sensitive doc bumping around on public email addresses.
There is a very real threat to the security of our documents (particularly sensitive ones like the one you worked up), and we need to protect them by at least encrypting them.
Tarullo emailed back:
I had never heard anything like this from either the campaign or the pre-transition effort and, in fact, have been receiving things of equal or greater sensitivity for some time from both sources. You guys are presumably much more likely to be made aware of such issues, so when the economic side of the transition gets named, you should probably get in touch with them to give guidance on this.
McDonough then forwarded the thread to Podesta, with the following comment:
I know I’m like a broken record on this, but I think we should arrange a briefing on the cyber threat for all associated with your effort.
We have a real security threat on our stuff here. I would gladly work up something with our techie. We’ve developed a lot of expertise in this, unfortunately.
The email, ironically enough, showed up in Thursday morning’s release of the latest batch of Podesta’s emails being published daily by WikiLeaks. Their source is unclear; U.S. intelligence officials say they have evidence they were hacked by people working under Russian government supervision, but they have not made that evidence public.
The emails have spawned countless news articles, about Clinton’s private speeches to megabanks like Goldman Sachs, her campaign team’s coordination with Super PACs, internal squabbles about Clinton’s use of a private email server, how the Clinton Foundation enriched the Clintons, and many other subjects.
The earliest email from McDonough to Podesta about security seems to have come on October 12, 2008, when McDonough noted to Podesta, who was already well along in planning the transition: “we gotta figure our security. Our tech guy is in wdc tomorro.”
The fact that foreign actors were actively trying to hack U.S. presidential campaigns as well as the U.S. government was hardly a closely-held secret. As The Intercept reported in May, incoming members of the Obama administration were explicitly warned by the Office of the Director of National Intelligence that “foreign intelligence services have been tracking this election cycle like no other.”
McDonough himself is the sender and recipient of numerous nonencrypted emails in the trove, including many discussing personnel choices for top security and intelligence jobs.
Podesta, of course, continued to email in the clear at least through March 2016, when he was hacked, even when his communications included sensitive and embarrassing communications and passwords. We recently offered him some security tips.