Between November 2012 and March 15, 2013: Blumenthal’s CIA source may want to sell US intelligence to the new Libyan government.

Libya Prime Minister Ali Zeidan (Credit: Reuters)

Libya Prime Minister Ali Zeidan (Credit: Reuters)

Former CIA official Tyler Drumheller sends a letter to Ali Zeidan, the new Prime Minister of Libya. The letter will later be found in one of Sid Blumenthal’s emails due to his inbox getting broken into by the hacker nicknamed Guccifer.

The letter is undated, but must be from between November 2012 when Zeidan became prime minister, and March 15, 2013, when Blumenthal’s emails were hacked. Drumheller offers the services of his private company “Tyler Drumheller LLC,” to “provide discreet confidential information allowing the appropriate entities in Libya to address any regional and international challenges.” He says his information “is based on the experience of senior officials drawn from the highest levels of the American intelligence, security, and political communities.”

Since Clinton became secretary of state in 2009, Drumheller appears to have been sending CIA and NSA intelligence to Blumenthal, who then forwards it to Clinton. It’s not clear how Drumheller gets this information, since he left the CIA in 2005.

The response from Zeidan is unknown. (Gawker, 3/27/2015) (Gawker, 3/27/2015)

January 17, 2013: Blumenthal is sent clearly marked classified information by a business partner.

A screenshot of Blumenthal's email account showing the January 17, 2013 email from Cody Shearer. (Credit: public domain)

A screenshot of Blumenthal’s email account showing the January 17, 2013 email from Cody Shearer. (Credit: public domain)

Clinton associate Cody Shearer sends Clinton confidant Sid Blumenthal a clearly classified document in an email. The subject heading for the email is: “Sid – This is Classified.” There is no text, but a document is attached called “Washington,_DC_Itinerary_for_D.doc.” In 2011 at least, Shearer and Blumenthal were business partners.

This email will only come to light because the hacker nicknamed Guccifer will post a screenshot of it after breaking into Blumenthal’s email account in March 2013.

It is not known if Shearer sent Blumenthal other classified information or if Blumenthal forwarded any such information to Clinton. (Gawker, 3/31/2015) Blumenthal has no security clearance to receive classified information at the time.

February 2013—June 2013: At least one manager of Clinton’s server does very little during a transition phase, despite the Guccifer hack threat.

At the end of Clinton’s tenure of secretary of state in February 2013, her private server is still being managed by Bryan Pagliano and Justin Cooper, with Pagliano doing most of the technical work and Cooper doing most of the customer service work. The management of the server will be taken over by the Platte River Networks (PRN) computer company in June 2013. It seems possible that the server is not as actively managed in the months in between.

Justin Cooper testifies to the House Oversight and Government Affairs Committee. (Credit: Alex Wong / Getty Images)

Justin Cooper testifies to the House Oversight and Government Affairs Committee on September 13, 2016. (Credit: Alex Wong / Getty Images)

In September 2016, Cooper will be questioned by a Congressional committee. Representative Jason Chaffetz (R) will ask him, “[Y]ou stepped back from the day-to-day activities with the Clintons about the time of the transition, is that correct? As she left office?”

He will reply, ‘Yes.”

When asked about his knowledge of what happened to server security after the hacker known as Guccifer broke into the email account of a Clinton confidant and publicly exposed Clinton’s email address on the server in March 2013, Cooper will reply, “At that point in time I was transitioning out of any role or responsibility with the server as various teams were selecting Platte River Networks to take over the email services and I don’t know that I had any sort of direct response.”

Additionally, when Cooper will be asked about his contact with PRN, he will say, “My interaction was handing over user names and passwords and that was the totality of the interaction I’ve had. I’ve never had interaction with them.” (US Congress, 9/13/2016)

It is not known if Pagliano similarly cuts down his involvement with managing the server during this time, since he has refused to publicly comment about his experiences. The FBI has mentioned nothing about the management of Pagliano or Cooper during this time period. (Federal Bureau of Investigation, 9/2/2016)

March 14, 2013: Guccifer accesses the email account of Clinton confidant Sid Blumenthal.

This is one of four Clinton-Blumenthal emails that Guccifer makes public in full, all printed in pink and with a large "G" for "Guccifer" added. Because it was sent on February 16, 2013, two weeks after Clinton's term as secretary of state ended, it has not been released elsewhere. It describes intelligence that prominent Saudis helped fund the 2012 Benghazi terrorist attack.

This is one of four Clinton-Blumenthal emails that Guccifer makes public in full, all printed in pink and with a large “G” for “Guccifer” added. Because it was sent on February 16, 2013, two weeks after Clinton’s term as secretary of state ended, it has not been released elsewhere. It describes intelligence that prominent Saudis helped fund the 2012 Benghazi terrorist attack.

Guccifer, an unemployed Romanian whose real name is Marcel-Lehel Lazar, breaks into the AmericaOnline (AOL) email account of Blumenthal. Guccifer does not have typical hacking skills but instead attempts to guess passwords and answers security questions. In recent months, he broke into the accounts of famous people, or the friends and family of famous people, including those of former secretary of state Colin Powell and former US president George W. Bush.

He takes screenshots of the text of emails of Clinton and Blumenthal discussing sensitive foreign policy issues during her time as secretary of state. He also takes a screenshot of Blumenthal’s inbox showing a list of the latest emails sent from Clinton.

In the next few days, the screenshots are made public, and for the first time, Clinton’s private email address hdr22@clintonemail.com is revealed to the world. (USA Today, 3/22/2013) (The Smoking Gun, 3/3/2015)

March 15, 2013—March 21, 2013: Clinton’s private server is repeatedly scanned from Russia shortly after Guccifer’s hack revealed her server domain.

On March 14, 2013, the Romanian hacker known as Guccifer broke into the email account of Clinton confidant Sid Blumenthal and learned Clinton’s private email address and thus her clintonemail.com server domain.

A September 2016 FBI report will reveal that “An examination of log files [of Clinton’s server] from March 2013 indicated that IP addresses from Russia and Ukraine attempted to scan the server on March 15, 2013, the day after the Blumenthal compromise, and on March 19 and March 21, 2013. However, none of these attempts were successful, and it could not be determined whether this activity was attributable to [Guccifer].” (Federal Bureau of Investigation, 9/2/2016)

Shortly after March 15, 2013: Cheryl Mills expresses concerns to Bryan Pagliano about the security of Clinton’s private email server after the Guccifer hack.

On March 14, 2013, the Romanian hacker nicknamed Guccifer broke into the email account of Clinton confidant Sid Blumenthal and made Clinton’s private email address public. Cheryl Mills was Clinton’s chief of staff until January 2013, when both she and Clinton left the State Department. But Mills continues to assist Clinton, and in August 2016 she will mention in written answers to a Freedom of Information Act (FOIA) lawsuit that she was concerned at this time how the Guccifer hack could impact the running of Clinton’s private email server.

She says she discussed the issue with Bryan Pagliano, Clinton’s computer technician “in or around March 2013, when the email account of Sidney Blumenthal was compromised by a hacker known as Guccifer. As I recall, these discussions involved whether this event might affect Secretary Clinton’s email.”

Clinton changed her email address several days after the Guccifer hack was discovered. However, the server continued to operate and her new email address was also hosted on the same server. It is still unknown whether Pagliano or anyone else took any other security steps in response to the hack. (Politico, 8/10/2016)

March 20, 2013: Gawker publishes an article that reveals Clinton’s use of a private email address and notes it “could be a major security breach.”

The article notes that the hacker nicknamed Guccifer broke into the email account of Clinton confidant Sid Blumenthal. “[W]hy was Clinton apparently receiving emails at a non-governmental email account? The address Blumenthal was writing to was hosted at the domain ‘clintonemail.com’, which is privately registered via Network Solutions. It is most certainly not a governmental account. […] And there seems to be little reason to use a different account other than an attempt to shield her communications with Blumenthal from the prying eyes of FOIA [Freedom of Information Act] requesters.

Neither the State Department nor the White House would immediately comment on whether the White House knew that Blumenthal was digitally whispering in Clinton’s ear, or if the emails were preserved as the law requires. And if, as it appears, Blumenthal’s emails contained information that was classified, or ought to have been treated as such, it could be a major security breach for Clinton to have allowed it to be sent to her on an open account, rather than through networks the government has specifically established for the transmission of classified material.” (Gawker, 3/20/2013)

Late March 2013 or After: Emails between Clinton and Blumenthal are requested, but the State Department will fail to turn them over.

Gawker files a Freedom of Information Act (FOIA) request seeking all emails between Clinton and her confidant Sid Blumenthal. Due to the revelation of Clinton’s exact email address by the hacker nicknamed Guccifer in March 2013, the request specifies that address along with Blumenthal’s AOL [America Online] address.

However, even though some emails between Clinton and Blumenthal had been made public by Guccifer, the State Department eventually tells Gawker it could find no records responsive to the request. The exact timing of the request and the reply is not clear. (The New York Times, 3/3/2015) (Gawker, 3/3/2015)

May 31, 2013: Clinton hires the Colorado-based Platte River Networks to maintain her email server.

The Denver, Colorado, apartment building where Platte River was based until mid-2015. (Credit: Matthew Jones / The Daily Mail)

The Denver, Colorado, apartment building where Platte River was based until mid-2015. (Credit: Matthew Jones / The Daily Mail)

Platte River Networks (PRN) will begin managing the server in early June, with the management of Clinton’s aides Bryan Pagliano and Justin Cooper being phased out as a result. But the Service Level Agreement won’t be signed until July 18, 2013.

The original server is disconnected and shipped from Clinton’s house in Chappaqua, New York, to a data center in New Jersey. (Federal Bureau of Investigation, 9/2/2016) (The Associated Press, 10/7/2015) (McClatchy Newspapers, 10/6/2015)

This takes place three months after the hacker nicknamed Guccifer made public Clinton’s exact email address. However, the process of choosing the company began in January 2013, prior to the Guccifer hack, suggesting the change was at least partially due to Clinton’s time as secretary of state coming to an end in February 2013 instead. (The Washington Post, 9/5/2015)

Platte River will soon relocate Clinton’s server to New Jersey, then replace it with a new server, while keeping the old server running.

Late June 2013—October 2013: During this time, it appears that Clinton’s private server is wide open to hacking attempts.

On May 31, 2013, maintenance of the server was taken over by a small Colorado-based company called Platte River Networks (PRN), and the server is sent to a data center in New Jersey. PRN then pays to use threat monitoring software called CloudJacket SMB made by a company named SECNAP. SECNAP claims the software can foil “even the most determined hackers.”

Around June 30, 2013, PRN transfers all the email accounts from the old server to the new one. However, the new software doesn’t begin working until October 2013, apparently leaving the server vulnerable. It is known that the server is repeatedly attacked by hackers in the months from October 2013 on, but it is unknown if any attacks occur when the software is not yet installed. (The Associated Press, 10/7/2015) 

An FBI report will later obliquely confirm this by mentioning that when the new server is set up in June 2013, all the hardware is built up at the time, except for an “intrusion detection device” which has to be added later after it gets shipped to the server location. (Federal Bureau of Investigation, 9/2/2016)

Justin Harvey (Credit: Third Certainty)

Justin Harvey (Credit: Third Certainty)

Justin Harvey, chief security officer of a cybersecurity company, will later comment that Clinton “essentially circumvented millions of dollars’ worth of cybersecurity investment that the federal government puts within the State Department. […] She wouldn’t have had the infrastructure to detect or respond to cyber attacks from a nation-state. Those attacks are incredibly sophisticated, and very hard to detect and contain. And if you have a private server, it’s very likely that you would be compromised.” (The Associated Press, 10/7/2015) 

In March 2013, a Romanian hacker nicknamed Guccifer discovered Clinton’s private email address and the exact address was published in the media, which would have left the server especially vulnerable in the months after.

July 2013: Clinton’s private server is reconfigured to use a commercial email provider.

The MX Logic logo (Credit: MX Logic)

The MX Logic logo (Credit: MX Logic)

The Colorado-based provider, MX Logic, is owned by McAfee Inc., a top Internet security company. This comes one month after Clinton hired the Colorado-based Platte River Networks to maintain her email server, and four months after a hacker named Guccifer publicly exposed Clinton’s private email address for the first time. (The Associated Press, 3/4/2015) 

Computer security expert Matt Devost will later comment: “The timing makes sense. When she left office and was no longer worried as much about control over her emails, she moved to a system that was easier to administer.” (Bloomberg News, 3/4/2015)

October 2013—February 2014: Clinton’s private email server is the subject of repeated attempted cyber attacks, originating from China, South Korea, and Germany.

The attempts are foiled due to threat monitoring software installed in October 2013. However, from June to October 2013, her server is not protected by this software, and there is no way of knowing if there are successful attacks during that time.

A 2014 email from an employee of SECNAP, the company that makes the threat monitoring software, describes four attacks. But investigators will later find evidence of a fifth attack from around this time. Three are linked to China, one to South Korea, and one to Germany. It is not known if foreign governments are involved or how sophisticated the attacks are.

Clinton had ended her term as secretary of state in February 2013, but more than 60,000 of her emails remained on her server. (The Associated Press, 10/7/2015) 

In March 2013, a Romanian hacker nicknamed Guccifer discovered Clinton’s private email address and the exact address was published in the media.

December 4, 2013: Some Bill Clinton doodles are made public due to the hacker Guccifer.

One of Bill Clinton's doodles. Guccifer added his name to it. (Credit: Guccifer / Gawker)

One of Bill Clinton’s doodles. Guccifer added his name to it. (Credit: Guccifer / Gawker)

Gawker publishes some doodles made by Bill Clinton when he was US president. Gawker claims the doodles come from the Romanian hacker nicknamed Guccifer. It is not clear where or how Guccifer got the doodles, except they come from a folder called “Wjcdrawings.” It is probable the doodles were stored either on The Clinton Library’s server (which has a .gov address) or The Clinton Foundation’s server. (Gawker, 12/4/2013) If it’s the latter, that would help verify Guccifer’s later claim that he looked into Clinton’s private email server, because it apparently was also The Clinton Foundation’s server until early 2015.

January 22, 2014: Guccifer is arrested in Bucharest, Romania, for his hacking activities.

 Romanian authorities arrested Marcel Lazăr Lehel aka Guccifer at his home on January 22, 2014. (Credit: Gawker)

Romanian authorities arrested Marcel Lazăr Lehel aka Guccifer at his home on January 22, 2014. (Credit: Gawker)

Later in the year, he is convicted of various hacking crimes and gets a seven-year sentence in Romania. He hacked into the email accounts of many famous people, including Clinton confidant Sid Blumenthal in March 2013. (Reuters, 4/1/2016(The New York Times, 11/10/2014)

November 2014: The Romanian hacker “Guccifer,” who broke into the email account of Clinton associate Sid Blumenthal in 2013, appears to be freely cooperating with US investigators.

Guccifer, whose real name is Marcel-Lehel Lazar, started serving a seven-year prison sentence in Romania earlier in 2014 due to his hacking activities. A New York Times reporter who interviews him there in November 2014 writes, I learned [he was] also busy meeting with American investigators who had traveled to Romania to meet the man who had outfoxed them for so long. They, too, wanted to find out how he burrowed into so many American computers.” (The New York Times, 11/21/2014)

March 27, 2015: There allegedly is a “massive” FBI investigation of Guccifer’s hack into Blumenthal’s emails.

Cody Shearer (Credit: Vimeo)

Cody Shearer (Credit: Vimeo)

In March 2013, Clinton confidant Sid Blumenthal’s email account was broken into by the Romanian hacker nicknamed Guccifer, and some emails between Blumenthal and Clinton were publicly revealed. Cody Shearer was a business partner with Blumenthal in a company called Osprey Global Solutions that is sometimes mentioned in the hacked emails.

When contacted by Gawker for a comment about such emails, Shearer says that “the FBI is involved and told me not to talk. There is a massive investigation of the hack and all the resulting information.”

Nothing else is known about this investigation, presuming it exists. Shearer is also described by Gawker as “a longtime Clinton family operative.” (Gawker, 3/27/2015)

Late March 2016: Guccifer talks to the FBI while he is extradited to the US.

The Romanian hacker Guccifer is extradited to the US at some point in late March 2016.

In early May 2016, he will claim that on the airplane ride from Romania to the US, “They came after me, a guy from the FBI, from the State Department.” Fox News will report, “A government source confirmed that the hacker had a lot to say on the plane but provided no other details.”

Guccifer will also claim that he talked about some large data files he kept in secure locations as a sort of insurance policy: “I can’t tell now. I can’t tell because I want to talk to the FBI. It is a matter of national security.” However, he seems to indicate the data is not connected to the FBI’s Clinton investigation. (Fox News, 5/7/2016) 

Guccifer has also said he’s talked to US officials since his arrest in Romania in January 2014, including with the FBI in March 2014. (LawNewz, 5/6/2016)

April 1, 2016: Guccifer has been extradited to the US and makes his first appearance in a US court.

Marcel-Lehel Lazar a.k.a. "Guccifer" after being arrested in Romania in 2014. (Credit: Reuters)

Marcel-Lehel Lazar a.k.a. “Guccifer” after being arrested in Romania in 2014. (Credit: Reuters)

Guccifer, a Romanian hacker whose real name is Marcel-Lehel Lazar, was extradited to the US in late March 2016. He hacked into the email accounts of many famous people. In March 2013, he broke into the account of reporter Sid Blumenthal and found emails that used Clinton’s private address, revealing that address to the public for the first time.

Guccifer was arrested in Romania in 2014 and given a combined seven-year sentence in that country for his illegal hacking activities. Last month, the Romanian government agreed to extradite him to the US for 18 months only. It is not clear why, since he is already serving that time in a Romanian prison. (Reuters, 4/1/2016)

Several days later, it is reported that it is “not a coincidence” he is extradited while the FBI is investigating Clinton’s emails and server. This is according to “an intelligence source close to the case.”

Former FBI official Ron Hosko also says, “Because of the proximity to Sidney Blumenthal and activity involving Hillary’s emails, [the timing] seems beyond curious.” (LawNewz, 4/8/2016)

May 4, 2016: Guccifer tells Fox News he accessed Clinton’s private server in 2013.

Guccifer (left) talks to Fox News reporter Catherine Herridge (right). (Credit: Fox News)

Guccifer (left) talks to Fox News reporter Catherine Herridge (right). (Credit: Fox News)

The Romanian hacker nicknamed Guccifer, whose real name is Marcel-Lehel Lazar, has been recently interviewed by Fox News. He claims for the first time that after breaking into the email account of Clinton confidant Sid Blumenthal in March 2013, he traced Clinton’s emails back to her private email server.

He tells Fox News, “For me, it was easy […] easy for me, for everybody.” He says he accessed her server “like twice.” He adds, “For example, when Sidney Blumenthal got an email, I checked the email pattern from Hillary Clinton, from Colin Powell, from anyone else to find out the originating IP [Internet Protocol address]. […] When they send a letter, the email header is the originating IP usually…then I scanned with an IP scanner.”

He said he then used some Internet programs to determine if the server was active and which ports were open. However, the server’s contents did “not interest” him at the time. “I was not paying attention. For me, it was not like the Hillary Clinton server, it was like an email server she and others were using with political voting stuff.”

If he breached the server, it appears he didn’t fully understand what he was seeing, and he has not claimed to have uncovered more of Clinton’s emails. He is interviewed from a US prison and has no documents to back up his claim. However, Fox News reports, “While [his] claims cannot be independently verified, three computer security specialists, including two former senior intelligence officials, said the process described is plausible and the Clinton server, now in FBI custody, may have an electronic record that would confirm or disprove Guccifer’s claims.”

Cybersecurity expert Morgan Wright comments, “The Blumenthal account gave him a road map to get to the Clinton server. […] You get a foothold in one system. You get intelligence from that system, and then you start to move.”

Guccifer claims he wants to cooperate with the US government, adding that he has hidden two gigabytes of data that is “too hot” and is “a matter of national security.”

The Clinton campaign responds, “There is absolutely no basis to believe the claims made by this criminal from his prison cell. In addition to the fact he offers no proof to support his claims, his descriptions of Secretary Clinton’s server are inaccurate.” (Fox News, 5/4/2016) 

Politico reports, “An internal FBI review of Clinton’s email records did not indicate traces of hacking” according to “a source familiar with the situation.” (Politico, 5/4/2016)

An FBI report in September 2016 will assert that Guccifer admitted in his FBI interview that he lied about his claim to have accessed Clinton’s server.

May 4, 2016: Guccifer also tells NBC News he accessed Clinton’s private server in 2013.

Guccifer (left) being interviewed by Cynthia McFadden (right) inside a Romanian prison complex. (Credit: NBC News)

Guccifer (left) being interviewed by Cynthia McFadden (right) inside a Romanian prison complex. (Credit: NBC News)

Hours after Fox News reports on recently interviewing Romanian hacker Guccifer, NBC News reports on their recent interview with Guccifer. Like the Fox News interview, the main story is that Guccifer claims to have gained access to Clinton’s private email server. He tells NBC News, “It was like an open orchid on the Internet. […] There were hundreds of folders.” He also calls her server “completely unsecured.”

An unnamed source with knowledge of the FBI’s Clinton investigation claims “that with Guccifer in US custody, investigators fully intend to question him about her server.”

While Fox News recently interviewed him in a US prison, NBC News interviewed him from a prison in Bucharest, Romania, where he was until he was extradited to the US in late March 2016. (NBC News, 5/4/2016)

LawNewz notes the timing, and asks, “Why would a major news network sit on such an explosive allegation—especially when the claim directly relates to a presidential candidate and the biggest story the 2016 presidential election cycle?” NBC News has not commented. (LawNewz, 5/4/2016)

An FBI report in September 2016 will assert that Guccifer admitted in his FBI interview that he lied about his claim to have accessed Clinton’s server.

May 25, 2016: Guccifer pleads guilty as part of an apparent deal to cooperate with US investigators.

Judge James Cacheris (Credit: public domain)

Judge James Cacheris (Credit: public domain)

The Romanian hacker nicknamed Guccifer pleads guilty in a US court to charges of identity theft and unauthorized access to protected computers. At a plea hearing before US District Court Judge James Cacheris in Alexandria, VA, he admits that he broke into email and social media accounts of about 100 US citizens between 2012 and 2014.

Guccifer is best known for breaking into the email account of Clinton confidant Sid Blumenthal in March 2013 and thus publicly revealing Clinton’s private email address. He could face up to seven years in prison in the US, on top of the seven years he is already serving in Romania.

He is due to be sentenced on September 1, 2016. However, it is alleged that his guilty plea is part of a deal to cooperate with the US government, possibly including the FBI’s Clinton investigation. It has been reported that he will cooperate with the government in other investigations and be “reasonably available for debriefing and pre-trial conferences as the US may require.” He also has agreed to turn over any documents or other materials “that may be relevant to investigations or inquires.” (LawNewz, 5/25/2016)

May 26, 2016: In an FBI interview, Guccifer says he lied about getting into Clinton’s private server.

Cynthia McFadden interviews Guccifer in Romania on May 4, 2016. (Credit: NBC News)

Cynthia McFadden interviews Guccifer in Romania in April 2016. (Credit: NBC News)

Guccifer, whose real name Marcel-Lehel Lazar, is interviewed by the FBI as part of the FBI’s Clinton email investigation. He appears to have spoken to the FBI previously, but these may have been about other matters, since he hacked dozens of US citizens.

Around the end of April 2016, Guccifer had high-profile interviews with Fox News and NBC News. It was already known that he broke into the email account of Clinton confidant Sid Blumenthal in March 2013 and learned Clinton’s private email address. In both media interviews, Guccifer claimed that he then gained access to Clinton’s private server. But the FBI will later say that Guccifer admitted in his FBI interview that he lied about this.

Additionally, “FBI forensic analysis of the Clinton server during the timeframe [Guccifer] claimed to have compromised the server did not identify evidence that [he] hacked the server.” (Federal Bureau of Investigation, 9/2/2016)

June 10, 2016: Blumenthal confirms he had no security clearance when Clinton was secretary of state.

In a Fox News interview, Clinton confidant Sid Blumenthal is asked if he ever had security clearance when exchanging emails with Clinton, given that many of her emails were later deemed to contain classified material. He responds, “I was her friend, and I had no security clearance, nor did I seek it, nor did anyone ever send me anything that was classified. So I had no access to, nor did I send or receive any classified material.”

Curiously, he also comments about the Romanian hacker nicknamed Guccifer, who broke into his email inbox in 2013: “Marcel Lazar is a Romanian. He worked from a Russian server. He may well be part of a Russian information operation.” (Fox News, 6/11/2016)

June 21, 2016: Guccifer 2.0 is interviewed and claims to be Romanian, not Russian.

Starting June 15, 2015, someone using the nickname “Guccifer 2.0” created a website and started posting files that appear to come from a recent hack of the DNC [Democratic National Committee] computer network. He claims to be a “lone hacker” while some have suggested that he is a front for the Russian government.

For the first time, he is interviewed, by Vice News, through Twitter, so his appearance and location remain unknown. He says he is from Romania, just like the original hacker nicknamed Guccifer, who is now in a US prison. However, Vice News asks him to answer a question in Romanian and he declines to do so. He does make a few comments in Romanian, but they have numerous errors. He says he deliberately left Russian metadata in the leaked documents as his personal “watermark.” Yet he claims, “I don’t like Russians and their foreign policy. I hate being attributed to Russia.”

He says he first breached the DNC network in the summer of 2015. “Then I installed my Trojans on several PCs. I had to go from one PC to another every week so CrowdStrike couldn’t catch me for a long time. I know that they have cool intrusion detection system. But my heuristic algorithms are better.” He claims he finally got kicked out of the network on June 12, 2016, when the DNC “rebooted their system.”

He says he has had other successful hacking attacks, but he refuses to name the targets because “my safety depends on it.” He says he doesn’t care about Donald Trump but targeted the DNC to emulate the work of the original Guccifer. (Vice News, 6/21/2016)

July 7, 2016: FBI Director Comey claims Guccifer admitted he lied about gaining access to Clinton’s private server.

160707BlakeFarentholdpublic

Representative Blake Farenthold (Credit: public domain)

In a Congressional hearing, Representative Blake Farenthold (R) brings up the case of the hacker known as Guccifer, and Guccifer’s claim that he looked into Clinton’s private server. After confirming that the FBI interviewed Guccifer, Farenthold asks FBI Director James Comey, “Can you confirm that Guccifer never gained access to her server?”

Comey replies, “Yeah he did not. He admitted that was a lie.” (CNN, 7/7/2016)

An FBI report published in September 2016 will also assert that Guccifer admitted he lied.

 

July 7, 2016: FBI Director Comey says people other than Blumenthal who regularly communicated with Clinton were successfully hacked.

In a Congressional hearing, Representative Blake Farenthold (R) points out that it has long been known that the hacker nicknamed Guccifer broke into the email account of Clinton confidant Sid Blumenthal and gained access to hundreds of her emails. Then he asks FBI Director James Comey, “During your investigation, were there other people in the State Department or that regularly communicated with Secretary Clinton that you can confirm were successfully hacked?”

Comey replies, “Yes.”

Farenthold confirms, “And were these folks that regularly communicated with the secretary?”

Comey again replies, “Yes.” However he doesn’t give any more details, such as how many such cases there were, or who they were. (Note that this is the only time Blumenthal is mentioned in Comey’s hearing.) (CNN, 7/7/2016)

A September 2016 FBI report will mention an incident in early January 2013, when an unnamed member of Bill Clinton’s staff has her email account on Clinton’s private server broken into by a hacker.

August 10, 2016: Cheryl Mills answers additional questions she failed to answer in her deposition.

Cheryl Mills, Clinton’s former chief of staff at the State Department, was deposed in May 2016 as part of a Freedom of Information Act (FOIA) lawsuit by Judicial Watch. At that time, she refused to answer some questions, citing attorney-client privilege. Judge Emmet Sullivan worked out a compromise to have Mills answer some questions in writing to prevent further litigation, and Mills’ written answers are made public by Judicial Watch on this day.

This written testimony shows that shortly after the hacker known as Guccifer broke into the email account of Clinton confidant Sid Blumenthal and publicy revealed Clinton’s private email address in March 2013, Mills was worried about the potential impact this coud have on Clinton’s private email server. Mills discussed this with Clinton’s computer techician Bryan Pagliano. Clinton’s email address was changed, but it is still unknown if any other security measures were taken. (Politico, 8/10/2016)

September 1, 2016: The Romanian hacker known as Guccifer is sentenced to four years and three months in prison.

160901GucciferNBCNews

Marcel-Lehel Lazar aka Guccifer (Credit: NBC News)

Guccifer, whose real name is Marcel-Lehel Lazar, pled guilty in a US court to two charges earlier in the year, eliminating the need for a trial. He admitted to targeting over 100 Americans over a 14-month period. When he broke into the email account of Clinton confidant Sid Blumenthal in March 2013, he publicly exposed Clinton’s private email address for the first time.

Guccifer has been cooperating with US officials, but federal prosecutors sought a maximum penalty of four and a half years anyway. US District Judge James Cacheris imposes sentence only three months short of that, saying a tough penalty is needed to deter future hacking. Furthermore, while Guccifer confessed, he showed no remorse.

He had already been sentenced to a seven year prison term for hacking in Romania, and was extradited to the US to face charges there. The Romanian government has asked that he be immediately returned to Romania to finish serving his time there. Then, in 2018, he would be sent back to the US to serve his US prison sentence. (The Washington Post, 9/1/2016)