May 2009—February 2013: Clinton’s computer technician lies about his outside income running Clinton’s private server.

In May 2009, begins working for the State Department while continuing to be paid by Clinton for managing her private server. However, he does not list his outside income in the required personal financial disclosures he files each year. This continues until his full time department job ends in February 2013, the same month Clinton’s tenure as secretary of state ends. In early 2015, a State Department official will say that the department has “found no evidence that he ever informed the department that he had outside income.” (The Washington Post, 9/5/2015To lie on such a financial disclosure form is a felony punishable by up to five years in prison. (US Legal Code, 2/24/2012)

May 2009—February 2013: Clinton’s computer technician secretly manages her server during government work time and without the knowledge of his supervisors.

Bryan Pagliano (Credit: LinkedIn)

Bryan Pagliano (Credit: LinkedIn)

During the time Bryan Pagliano works as a political employee in the State Department’s IT [information technology] division starting in May 2009, he continues to secretly manage Clinton’s private email server in her house. The Washington Post will later report, “Three of Pagliano’s supervisors… told investigators they had no idea that Clinton used the basement server or that Pagliano was moonlighting on it.” (The Washington Post, 3/27/2016) However, Pagliano’s two direct supervisors (who apparently are Susan Swart and Charlie Wisecarver) will later tell department investigators that while they were aware Pagliano provided computer assistance to Clinton’s 2008 presidential campaign, they didn’t know he was supporting her server during working hours. They will question how he could do so given that he was supposed to be working full-time for the department. (US Department of State, 5/25/2016An unnamed colleague in Pagliano’s division will later similarly say that Pagliano’s immediate supervisors didn’t know Clinton’s private server even existed until it was revealed in news reports in 2015. In March 2016, the Reuters will report that both Clinton and the State Department continue to decline “to say who, if anyone, in the government was aware of the email arrangement.” (Reuters, 3/24/2016)

July 3, 2009: The NSA begins monitoring government email traffic for hacking attacks, but Clinton’s private server doesn’t benefit.

It is announced that the National Security Agency (NSA) will monitor the email traffic of 12 US government departments, including the State Department, in order to combat hacking. In a monitoring program called Einstein 3, telecommunication companies route data going to and from government networks through the NSA, which examine the traffic for any activity suggestive of an attack. (Wired Magazine, 7/8/2009) 

In 2015, Wired Magazine will note that because Clinton used a private email server, her “email [didn’t] have the benefit of any of that expensive government security.” (Wired, 3/4/2015)

September 21, 2009: Clinton’s meeting with major business leaders on this day is just one of dozens of meetings later not listed on her official calendar.

Clinton attends a meeting with New York Stock Exchange president Duncan Niederauer and various business leaders on September 21, 2009. (Credit: public domain)

Clinton attends a meeting with New York Stock Exchange president Duncan Niederauer and various business leaders on September 21, 2009. (Credit: public domain)

In June 2016, the Associated Press will finally gain access to some planning schedules from when Clinton was secretary of state. A comparison of these planning schedules with Clinton’s official calendar from that time will show that at least 60 meetings with Clinton’s donors and other outside interests were omitted. The Associated Press will give one specific example of a meeting on this day that is omitted from the calendar, even though the names of attendees to other meetings on the same day are not. Clinton meets with 13 major business leaders for a private breakfast discussion at the New York Stock Exchange:

  • David M. Cote, CEO of Honeywell International Inc.;
  • Fabrizio Freda, CEO of the Estee Companies Inc.;
  • Lewis Frankfort, chair of Coach Inc.;
  • Robert Kelly, CEO of the New York Bank of Mellon;
  • Ellen Kullman, CEO of DuPont;
  • Harold McGraw III, chair of McGraw Hill Companies;
  • Duncan Niederauer, CEO of  the New York Stock Exchange;
  • Indra Nooyi, CEO of PepsiCo;
  • Howard Schultz, CEO of Starbucks Corp;
  • Steven Schwarzman, chair of the Blackstone Group;
  • James Taiclet, chair of the American Tower Corp.;
  • James Tisch, president of Loews Corp.; and
  • John D. Wren, CEO of Omnicom Group.

All the companies represented except Coach Inc. lobby the US government in 2009. Four companies—Blackstone, Honeywell, Omnicom, and DuPont—lobby the State Department that year. All the companies except for American Tower and New York Bank of Mellon donate to the Clinton Foundation, and two attendees—Schwarzman and Frankfort—personally donate to the foundation. Four of the companies—PepsiCo, the Blackstone Group, DuPont, and Honeywell International Inc.—also donate to what the Associated Press calls “Clinton’s pet diplomatic project of that period,” the US pavilion at the 2010 Shanghai Expo. (The Associated Press, 6/24/2016)

October 2, 2009: New regulations require that all government emails must be preserved.

The US Code of federal regulations on handling electronic records is updated: “Agencies that allow employees to send and receive official electronic mail messages using a system not operated by the agency must ensure that Federal records sent or received on such systems are preserved in the appropriate agency recordkeeping system.” (The Washington Post, 3/10/2015)

In 2015, Jason Baron, former director of litigation at the National Archives and Records Administration (NARA), will comment that the rules get stricter in 2013. But even prior to that, “the use of a private [email] account was to be rare and occasional, and not to be the norm.” Using a private account “without using an official account is inconsistent with the Federal Records Act.” He adds, “To solely use a personal e-mail for four years [as Clinton did] is something that is highly unusual.” (Bloomberg News, 3/3/2015)

October 3, 2009: Clinton arranges secure phone calls using her unsecured email.

US Ambassador Karl Eikenberry (Credit: Asia Society)

US Ambassador Karl Eikenberry (Credit: Asia Society)

Clinton writes an email to her deputy chief of staff Huma Abedin telling her to set up a conference call that will use Clinton’s home phone over the weekend. The call will be between Clinton, two assistant secretaries of state, and a US ambassador. Clinton writes, “As soon as I’m off call now. Tell ops to set it up now.” (US Department of State, 6/30/2015)

The Washington Times will later report on this email, “The coordination of secure communications on an insecure break with protocol would give foreign intelligence agencies an opportunity to learn about a call early, then target and intercept the call, US officials told the Times.” Clinton will do this on other occasions, including setting up a call the next day with Karl Eikenberry, US ambassador to Afghanistan. (The Washington Times, 9/1/2015)

December 29, 2009: New rules clarify what the US government considers classified information

President Obama issues “Executive Order 13526: Classified National Security Information,” which updates a previous 1995 directive. The order clearly defines what the different levels of government classification are: “top secret,” “secret,” and “confidential.” It also states that: “The unauthorized disclosure of foreign government information is presumed to cause damage to the national security.” It further lists what information should be considered classified, and that list includes “foreign government information” and ‘foreign relations or foreign activities of the United States, including confidential sources.” (White House, 12/29/2009)

2010: Clinton appears in a cybersecurity video for State Department personnel.

It will remain publicly unknown until the video is leaked to Fox News in October 2016.

A photo capture of Clinton as she appears in the 2010 cybersecurity video. (Credit: Fox News)

A photo capture of Clinton as she appears in the 2010 cybersecurity video. (Credit: Fox News)

In the video, Clinton says that employees have a “special duty” to recognize the importance of cybersecurity. “The real key to cybersecurity rests with you. Complying with department computing policies and being alert to potential threats will help protect all of us.”

According to a later account by Fox News, “Clinton goes on in the video to underscore the important work the State Department Bureau of Diplomatic Security and IT department were doing to guard against cyber-attacks. She warns hackers try to ‘exploit’ vulnerabilities and penetrate department systems. She then urges staffers to log onto the internal cybersecurity awareness website or subscribe to their ‘cybersecurity awareness newsletter.’”

Representative Jason Chaffetz (R), chair of the House Oversight and Government Reform Committee, will later find the video ironic, given Clinton’s own security issues with her private email server. He will say, “Hillary Clinton needs only to look into the mirror to find the biggest cybersecurity risk.”

Clinton spokesperson Brian Fallon will say, “This is not new. It has been widely reported that during Clinton’s tenure the State Department issued these kinds of warnings about possible cybersecurity to employees. These warnings were more than appropriate given that it was subsequently confirmed that State’s email was hacked.” (Fox News, 10/22/2016)

Around January 12, 2010: Clinton and her aides allegedly demonstrate lax communication security while in Hawaii.

Clinton speaks on her Blackberry in the lobby of a Honolulu hotel on January 13, 2010. (Credit: Mandel NGAN / Agence France Presse / Getty Images)

Clinton speaks on her Blackberry in the lobby of a Honolulu hotel on January 13, 2010. (Credit: Mandel NGAN / Agence France Presse / Getty Images)

Bill Johnson, the State Department’s political adviser to the special operations section of the US Pacific Command (PACOM), will later claim that he is present in Honolulu, Hawaii, while Clinton comes to visit. During her trip, news breaks of a large earthquake in Haiti, which takes place on January 12, 2010.

Clinton goes to a security communications facility in the basement of PACOM headquarters to help organize a humanitarian response to the earthquake. She wants to communicate with her top staff back at State Department headquarters in Washington, DC, but she and her aides are not allowed to bring their cell phones into PACOM headquarters because they are using unsecured, personal devices. They ask Johnson for an exception to the rules, but he refuses, citing alarms and lockdowns that would be automatically triggered if anyone brought an unauthorized signal-emitting unit into the building.

So instead, according to Johnson, “She had her aides go out, retrieve their phones, and call [State Department headquarters] from outside,” using open, unsecure lines. “It was really an eye-opener to watch them stand outside using nonsecure comms [communications] and then bring messages to the secretary so she could then conduct a secure [call] with the military” and the State Department. (Newsweek, 5/25/2016)

January 13, 2010: Clinton is photographed on this day using a phone that clearly isn’t her blue-colored Blackberry that is seen in many other photos of her from before and after this time.

Left: Clinton reads her BlackBerry at a ceremony in New York on November 11, 2008. (Credit: Saul Loeb / Agence France Presse / Getty Images) Center: Clinton speaks on a phone in a hotel in Honolulu, Hawaii, on January 13, 2010. (Credit: Mandel Ngan / Agence France Presse) Right: Clinton uses her Blackberry inside a military plane bound for Tripoli, Libya, on October 18, 2011. (Credit: Kevin Lamarque / The Associated Press)

Left: Clinton reads her BlackBerry at a ceremony in New York on November 11, 2008. (Credit: Saul Loeb / Agence France Presse / Getty Images) Center: Clinton speaks on a phone in a hotel in Honolulu, Hawaii, on January 13, 2010. (Credit: Mandel Ngan / Agence France Presse) Right: Clinton uses her Blackberry inside a military plane bound for Tripoli, Libya, on October 18, 2011. (Credit: Kevin Lamarque / The Associated Press)

It is not known if it is a borrowed phone or her phone. (Getty Images) (Getty Images) In 2015, after her use of only one private email address will become public, she will claim that this was because she only had one phone. She will mention that she bought an iPad in 2010, but the first iPad model will not be released until April 2010 and she will not buy one until July 2010. (The Associated Press, 3/11/2015) (The Washington Post, 3/31/2015) (US Department of State, 8/31/2015)

March 2010: Clinton judges a possible department watchdog, raising independence concerns.

The permanent position of State Department inspector general has been vacant since 2008, before Obama became president. An inspector general serves as a department’s internal watchdog. Some time in March 2010, Clinton’s chief of staff Cheryl Mills emails Clinton about a possible nominee for the position. Mills writes, “Let me know if you DON’T want to proceed.”

Clinton writes back, “Are you ok [with] him?”

Then Mills writes, “Yes – he’ll be good.”

It is not known who they are talking about since the name will later be redacted, but Obama will not nominate anyone for the position until mid-2013, after Clinton’s term as secretary of state is over.

The Wall Street Journal will later comment, “The exchange raises questions about the independence of the inspector general’s office. Government inspectors general have broad latitude within government agencies to investigate cases of waste, fraud, mismanagement, and abuse.” (The Wall Street Journal, 2/20/2016)

May 2010: The Associated Press files the first FOIA request for Clinton’s communications.

FOIA Logo (US Dept. of Justice)

FOIA Logo (US Dept. of Justice)

The Freedom of Information Act (FOIA) request is apparently for Clinton’s schedules, not her emails. In March 2015, it will be reported the request still had not be fulfilled, causing the Associated Press to finally sue to force the issue. (The New York Times, 3/3/2015) (The Associated Press, 3/11/2015)

May 21, 2010—October 21, 2010: Computer records suggest Clinton’s private server could be located at the Clinton Foundation’s headquarters.

The result of an IP location look up of where Clinton's private server was in mid-2010 appears to indicate the middle of Manhattan, New York. (Credit: IP Finder / Google Maps)

The result of an IP location look up of where Clinton’s private server was in mid-2010 appears to indicate the middle of Manhattan, New York. (Credit: IP Finder / Google Maps)

According to publicly available computer records, the IP [Internet Protocol] address for the mail.presidentclinton.com server is 24.187.234.187 from at least 2009 to 2011. Records also show that mail.clintonemail.com server has the same exact IP address, 24.187.234.187, from at least May 21, 2010 to October 21, 2010. That means the two servers must have been in the same location for that overlapping time period.

Computer records can also indicate where the IP addresses are physically located, and that IP address at that time is somewhere in the middle of Manhattan, New York City. That makes sense for presidentclinton.com, since former President Bill Clinton’s offices are there, and the Clinton Foundation headquarters is also there. But that would suggest that Hillary Clinton’s clintonemail.com server used for all her secretary of state work is also based in Manhattan and not Chappaqua, New York, for at least part of 2010. (DNS History, 9/7/2015) (DNS History, 9/7/2015) (IP Tracker, 9/3/2015)

Around Mid-2010 and After: After contacting a Secret Service agent about frequent hacking attacks on Clinton’s server, the managers of the server apparently never contact anyone else from other government departments for help.

Justin Cooper (Credit: Alex Wong / Getty Images)

Justin Cooper (Credit: Alex Wong / Getty Images)

According to a September 2016 FBI report, Justin Cooper, a Bill Clinton aide who is helping to manage Clinton’s private server, contacts a Secret Service agent at some point during Clinton’s tenure as secretary of state. It is not clear when this happens, but apparently it is not long after the server begins to be frequently targeted by brute force hacking attacks around the middle of 2010.

Cooper will be asked about this in a September 2016 Congressional hearing shortly after the FBI report is published. He will say, “when we first experienced some of the repeated failed login attempts, I reported them to the Secret Service. … There was an instance where we shared some logs with [them]. … The Secret Service looked at logs from the server and made some recommendations to [server manager Bryan] Pagliano about the possible origins of those failed logins and some techniques he might use to mitigate that problem.” (The Secret Service agent will give advice on improving the server’s security that will not be followed.)

However, when Cooper is asked by Representative Blake Farenthold (R), “Did you turn over the logs and notifications that you received to the FBI, the emails of brute force attacks?” Cooper will say the FBI was not contacted.

Representative Jody Hice (Credit: Twitter)

Representative Jody Hice (Credit: Twitter)

Additionally, when Representative Jody Hice (R) will ask if Cooper consulted with any other “department or agency in the government,” Cooper will say, “No. No consultations of that type.” He will also specifically mention the State Department wasn’t consulted. (US Congress, 9/13/2016)

It’s possible that Pagliano contacted others, but the FBI will interview both Cooper and Pagliano in its investigation and then will mention only the contact with the Secret Service in its final report.

The number of hacking attacks steadily grows through the rest of Clinton’s time in office. (Federal Bureau of Investigation, 9/2/2016)

Around Mid-2010 to January 2013: “Brute force” hacking attempts on Clinton’s private server begin and steadily increase, but it is unknown if any are successful.

Blake Farenthold (Credit: Bill Clark / Congressional Quarterly Roll Call)

Blake Farenthold (Credit: Bill Clark / Congressional Quarterly)

Bryan Pagliano, the manager of Clinton’s private server while she is secretary of state, will be interviewed by the FBI in December 2015. According to an FBI report, he will claim that the server suffered no known security breaches. However, “he was aware there were many failed login attempts, which he referred to as brute force attacks. He added that the failed attempts increased over the life of the [server], and he set up the server’s logs to alert [Justin] Cooper when they occurred. Pagliano knew the attempts were potential attackers because the credentials attempting to log in did not match legitimate users on the system. Pagliano could not recall if a high volume of failed login attempts emanated from any specific country.”

The FBI report will explain, “A brute force attack is a trial-and-error method used to obtain information, such as a password… In a brute force attack, passwords may be attempted manually or automated software can be used to generate a large number of consecutive guesses as to the targeted information.” (Federal Bureau of Investigation, 9/2/2016)

Cooper, a Bill Clinton aide who helped Pagliano manage the server, will be asked about brute force attacks in a September 2016 Congressional hearing. He will respond, “I can’t say with any specificity how many had happened. They happened with some limited frequency over the period of, I’d say the last two and a half years, while she was in office. But we had developed systems to tamper these down.”

Representative Blake Farenthold (R) will ask Cooper that if the brute force attacker managed to enter the correct user name and password, “you wouldn’t have been notified, would you? You would have thought it was Mrs. Clinton or some legitimate user actually getting in?”

After further questioning, Cooper will admit that he only looked at failed attempts and didn’t check for related successful log-ins. (US Congress, 9/13/2016)

Around Mid-2010: A Secret Service agent advises Pagliano to take a step to improve the security of Clinton’s private server, but the step is not taken.

After Bryan Pagliano sets up Clinton’s new private server in January 2009, he sets up Internet Protocol (IP) filtering on the firewall, once a firewall is established in late March 2009. Pagliano will later tell the FBI that he tried to review the firewall log files once a month.

The US Secret Service Badge (Credit: public domain)

The US Secret Service Badge (Credit: public domain)

At some point, Justin Cooper, a Bill Clinton aide who is helping Pagliano manage the server, puts Pagliano in contact with a US Secret Service agent. The timing of this is not clear. However, in a September 2016 Congresssional hearing, Cooper will say it happened after Clinton’s server started to get frequent “brute force” hacking attacks, and that begins around the middle of 2010.

This agent recommends that Pagliano should also perform outbound filtering of email traffic. According to a September 2016 FBI report, “Pagliano further considered, but ultimately did not implement, a Virtual Private Network (VPN) or two-factor authentication to better secure administrative access to the server system by him and Cooper.”

The FBI report will explain: “‘VPN’ is a private network that runs on top of a larger network to provide access to shared network resources, which may or may not include the physical hard drives of individual computers… VPN offers an additional layer of security by encrypting the data traveling to the private network before sending it over the Internet. Data is then decrypted when it reaches the private network. … ‘Two-factor authentication’ is a method of confirming a user’s claimed identity by utilizing a combination of two different components…” (Federal Bureau of Investigation, 9/2/2016) (US Congress, 9/13/2016)

July 23, 2010: An email forwarded to Clinton includes the name and email address of at least one secret CIA official.

A US official whose name is later classified sends an email to at least two dozen other US officials. Most of their names will later be classified as well. At least one redacted recipient’s name is that of a secret CIA official. The email concerns a recent WikiLeaks release of classified documents and includes an attachment that has a statement by senior Defense Department officials and relevant talking points. Clinton aide Jake Sullivan forwards the email to Clinton. (US Department of State, 2/26/2016)

July 24, 2010: Clinton may start accessing the Internet at her Washington home using an unsecure, typical Wi-Fi connection.

Philippe Reines (Credit: Washington Post)

Philippe Reines (Credit: Washington Post)

Clinton and Philippe Reines have an email chain about Clinton’s new iPad. Reines is Clinton’s press secretary and a senior advisor. It is a Saturday and apparently Clinton is at her home in Washington, DC, and trying to get her new iPad to work. She cannot connect to the Internet with it, so she asks Reines, “I don’t know if I have wi-fi. How do I find out?” (Wi-Fi technology allows one to connect to the Internet using a wireless local area network.)

Reines responds, “Let me talk to Justin & Huma to check out the situation, and if there is wi-fi I’m happy to swing by and set it up.” “Justin” is a likely reference to Clinton aide Justin Cooper, who registered Clinton’s private server in her Chappaqua, New York, house, and “Huma” is a likely reference to Clinton’s deputy chief of staff Huma Abedin. (US Department of State, 11/30/2015) 

It is not known what happens, but it appears Reines is prepared to enable Clinton to regularly use her iPad at her home using a typical Wi-Fi network, without any extra security measures. Clinton begins using her iPad for her emails the next day, while continuing to use her BlackBerry. (US Department of State, 8/31/2015)

July 25, 2010: An email chain forwarded to Clinton includes the name and email address of a secret CIA official.

Julian Assange (Credit: David G. Silver / Flickr)

Julian Assange (Credit: David G. Silver / Flickr)

Clinton aide Jake Sullivan forwards Clinton an email chain that has been discussing the recent releases of classified US government information by WikiLeaks and Julian Assange. Over 30 US officials are included in the email chain; the name and email address of one of them will later be redacted because that person is a secret CIA official. (US Department of State, 2/13/2016)

July 25, 2010: Clinton invites a US diplomat to discuss communications with foreign ministers with her using her private email address.

100725Montage

Italian Foreign Minister Franco Frattini (top left) (Credit: European Press Agency), Greek Prime Minister George Papandreou (top right) (Credit: Greek Reporter), Spanish foreign minister Miguel Angel Moratinos (lower left) (Credit: 525-gi gazet), Israeli Prime Minister Benjamin Netanyahu (lower right) (Credit: Israel Ministry of Foreign Affairs)

Clinton writes an email to former senator George J. Mitchell (D), who is the US Special Envoy for Middle East Peace at the time. The subject heading is “Here’s my personal email,” and the entire message is “Pls [Please] use this for reply–HRC [Hillary Rodham Clinton].” (US Department of State, 9/30/2015) 

Mitchell replies, “I talked with Frattini again and went over the point again. He said he understands and agrees.” The rest of his email is later redacted because it contains “foreign government information.” “Frattini” is a likely reference to Italian Foreign Minister Franco Frattini.

Clinton replies, “I told Papandreou the same.” “Papandreou” is a likely reference to Greek Prime Minister George Papandreou. (US Department of State, 9/30/2015) 

Mitchell then discusses communicating with “Moratinos,” a likely reference to Spanish foreign minister Miguel Angel Moratinos.

Clinton replies by mentioning a plan to call “Ashton,” a likely reference to the European Union foreign policy chief Catherine Ashton, and “Bibi,” the nickname of Israeli Prime Minister Benjamin Netanyahu. (US Department of State, 9/30/2015) 

It is not clear why Clinton invites Mitchell to discuss such high-level diplomatic communications via her unsecure personal email address. In 2015, J. William Leonard, former director of the US Information Security Oversight Office, will make the general comment, “If a foreign minister just told the secretary of state something in confidence, by US rules that is classified at the moment it’s in US channels and US possession. […] It’s born classified.” (Reuters, 8/21/2015)