Alexandra Chalupa, a consultant for the Democratic National Committee (DNC), has been working for several weeks on an opposition research file about Paul Manafort, the campaign manager of Republican presidential nominee Donald Trump. Manafort has a long history of advising politicians around the world, including controversial dictators. Logging into her Yahoo email account, she gets a warning entitled “Important action required” from a Yahoo cybersecurity team. The warning adds, “We strongly suspect that your account has been the target of state-sponsored actors.”
Paul Manafort was a key adviser to Ukrainian President Viktor Yanukovych from 2004 until 2010. Yanukovych is a controversial figure frequently accused of widespread corruption and was overthrown after a massive series of protests in February 2014, and has since been living in Russia, protected by the Russian government. Chalupa had been drafting memos and writing emails about Manafort’s link to pro-Russian Ukrainian leaders such as Yanukovych when she got the warning. She had been in contact with investigative journalists in Ukraine who had been giving her information about Manafort’s ties there.
Chalupa immediately alerts top DNC officials. But more warnings from Yahoo’s security team follows. On May 3, 2016, she writes in an email to DNC communications director Luis Miranda, “Since I started digging into Manafort, these messages have been a daily occurrence on my Yahoo account despite changing my password often.”
In July 2016, she will tell Yahoo News, “I was freaked out,” and “This is really scary.” Her email message to Miranda will later be one of 20,000 emails released by WikiLeaks on July 22, 2016, showing that there was good reason to be concerned about hacking attempts.
Chalupa’s email to Miranda, results in concern amongst top level DNC officials. One unnamed insider will later say. “That’s when we knew it was the Russians,” since Russia would be very interested in Chalupa’s research and other countries like China would not. This source also says that as a precaution, “we told her to stop her research.”
Yahoo will later confirm that it did send numerous warnings to Chalupa, and one Yahoo security official will say, “Rest assured we only send these notifications of suspected attacks by state-sponsored actors when we have a high degree of confidence.” (Yahoo News, 7/25/2016)