June 30, 2016: One company that possessed Clinton’s emails is accused of having shockingly poor security.

Datto Headquarters in Norwalk, Connecticut. (Credit: Stephen A. Schwartz / Daily Mail)

Datto Headquarters in Norwalk, Connecticut. (Credit: Stephen A. Schwartz / Daily Mail)

From around June 2013 until August 2015, Clinton’s private server containing her emails from her time as secretary of state was managed by Platte River Networks. But another company, Datto Inc., was making monthly back-up copies of all the server’s data in the Internet cloud.  Datto has 600 employees and is valued at $1 billion, but two people tell the Daily Mail that the company is extremely incompetent.

Marc Tamarin, president of Virtual IT Consulting, was a Datto business partner from 2009 until early 2016. He says he frequently worked with Datto’s technical support, but “Those guys were really morons. They weren’t qualified to handle our back-up and that was the biggest concern for us. … If they’re inept at the basic principles of technology, how are they going to handle something advanced like security? Most companies like mine trust their vendor that they are doing due diligence. I’ve never heard anything this bad before in my life, the dataincompetence was shocking.”

An unnamed former employee, who spent three years at the company, has even more complaints. “If you’re talking about high-level data security, at the political, presidential level, the security level of data [at Datto] … was nowhere near something that could have been protected from a good hacker that knows how to spread out their points at which to infiltrate. It’s not something that Datto was focused on. It was more about getting the data off-site quickly and cost-effectively than securing the data and keeping it from being hacked. There’s no doubt in my mind that someone could easily hack them – even today.”

He calls Datto’s security “a joke.” He claims a potential hacker could walk in off the street and sit down at an unused computer and access all the company’s data. There were no security guards, the receptionists didn’t ask questions of strangers, there was no key card access or other security features, passwords were not regularly changed, and so on. People who said they had lost their security pass would be let in without questions. Unused computers were frequently left on and logged in to the network.

He says, “For years, any Datto employee, even low-level ones, could go in any customer’s device, see their backups, restore files, and delete files.” Oftentimes, Datto customers would find themselves logged into the data of another customer without even wanting to. Datto’s internal servers were hacked in 2010. However, complaints were swept under the rug and security was not improved. (The Daily Mail, 6/30/2016)