February 1, 2008: Clinton’s private email domain is set up under a false name.

Another view of the Clinton family home in Chappaqua, New York. (Credit: Susan Farley / Getty Images)

A view of the Clinton family home in Chappaqua, New York. (Credit: Susan Farley / Getty Images)

An IP address associated with the clintonemail.com domain later used by Hillary Clinton is registered to “Eric Hoteham” on this date. The IP address for clintonemail.com, along with others registered in Hoteham’s name, is connected to Bill and Hillary Clinton’s home address in Chappaqua, New York. ABC News will later call Hoteham a “mystery man,” since no one with that name is known to exist.

He may or may not be the same as the similarly named Eric Hothem who worked for Bill Clinton when he was president, was an aide for Hillary Clinton in the early 2000s, and has worked for Citicorp and then JP Morgan since. That person has refused to comment on the matter. (ABC News, 3/5/2015) (ABC News, 3/6/2015)

February 1, 2008: The Clinton Foundation’s email domain is linked to Clinton’s private server.

On the same day “Eric Hoteham” (who is probably a Clinton associate named Eric Hothem) registers clintonemail.com for the private server in the Chappaqua house where Bill and Hillary Clinton live, he registers two other domain names: wjcoffice.com and presidentclinton.com. “WJC” most likely stands for Bill Clinton’s full name “William Jefferson Clinton.” The FBI will later determine that this “was primarily a legacy domain that contained mostly forwarded email.” But presidentclinton.com will be used for email accounts of Clinton Foundation employees and other employees of President Clinton.

These other two domains are also based in Clinton’s house, on the same server that will become infamous for containing all of Hillary Clinton’s emails during her tenure as secretary of state. Apparently, the server won’t become operational until around June 2008.

Bil Clinton doesn’t maintain an email account on the server. His wife Hillary won’t start using an email account on the server until January 2009. (ABC News, 3/5/2015) (The New York Times, 3/4/2015) (Federal Bureau of Investigation, 9/2/2016)

August 2008: State Department rules prohibit the way some sensitive information will later be used on Clinton’s private server.

According to the State Department’s Foreign Affairs Manual (FAM), department employees are allowed to send most Sensitive But Unclassified (SBU) information unencrypted over the Internet only when necessary.

In August 2008, the FAM is amended to further toughen the rules on sending SBU information on non-department-owned systems at non-departmental facilities – such as Clinton’s later use of a private email server. Employees have to:

  • ensure that SBU information is encrypted
  • destroy SBU information on their personally owned and managed computers and removable media when the files are no longer required
  • implement encryption certified by the National Institute of Science and Technology (NIST)

The FBI will later determine that SBU information was frequently and knowingly sent to and from Clinton’s private server, but none of these steps were taken. (Federal Bureau of Investigation, 9/2/2016)

Autumn 2008 to Mid-January 2009: It is decided to replace Clinton’s first private server with a larger server built by Pagliano.

080901MacOSXApple

The Mac OS X Logo (Credit: Apple)

Justin Cooper is an aide to former President Bill Clinton, and he is the administrator for the private server located in the Chappaqua, New York, house where Bill and his wife Hillary live. Cooper will later be interviewed by the FBI, and he will say that the decision is made to replace the server because the current server (being run on an Apple OS X computer) is antiquated and people using it are having email troubles.

At the recommendation of Hillary Clinton’s longtime aide Huma Abedin, Cooper contacts Bryan Pagliano, who worked on Clinton’s 2008 presidential campaign as an information technology specialist, to build a new server system and to assist Cooper with administrating it. Pagliano was getting rid of the computer equipment from Clinton’s presidential campaign, so it is decided to use some of this equipment for the new server at the Chappaqua house.

According to a later FBI interview, Hillary Clinton “told the FBI that at some point she became aware there was a server in the basement of her Chappaqua residence. However, she was unaware of the transition from the Apple server managed by Cooper to another server built by Pagliano and therefore, was not involved in the transition decision.”

Between the fall of 2008 and January 2009, Pagliano gets computer equipment from Clinton’s former presidential campaign headquarters, and also works with Cooper to buy additional necessary equipment.

Clinton becomes secretary of state on January 20, 2009, and begins using a clintonemail.com email address around that time, which is hosted on the old Apple server. The new server won’t be operational until March 2009. (Federal Bureau of Investigation, 9/2/2016)

Shortly Before January 13, 2009: Huma Abedin allegedly wants Clinton’s email account on a private server and not on a server that is managed by someone else, so that is what is arranged.

In a September 2016 Congressional hearing, Justin Cooper will reveal some information about how Clinton’s use of a private email account on her private server begins. He will state: “Secretary Clinton was transitioning from her presidential campaign and Senate role and had been using primarily a BlackBerry for email correspondence. There were limitations to her ability to use that BlackBerry as well as desire to change her email address because a number of people have received her email address over the course of those activities. So we created with a discussion, I believe, with [Clinton aide] Huma Abedin at the time [about] what domains might be of interest. We obtained a domain and we added it to the original server used by President Clinton’s office for [Hillary Clinton] to use with her BlackBerry at the time…”

Note that Cooper registers three domain names on January 13, 2009, so this discussion must have occurred before then.

Representative Mark Meadows (Credit: public domain)

Representative Mark Meadows (Credit: public domain)

Representative Mark Meadows (R) will ask Cooper in the hearing: “So, your testimony here today is that Huma Abedin said that she would prefer to have Ms. Clinton’s email on a private server versus a server that was actually managed by someone else? That’s your testimony?”

Cooper will reply, “My testimony is that that was communicated to me.”

He will also clarify that when it came to talking to Abedin, “I don’t recall conversations with her about the setting up of the server.” But he also will say, “At some point I had a conversation with her about the setting up of an email account for Secretary Clinton on the server.” (US Congress, 9/13/2016)

However, in Abedin’s April 2016 FBI interview, she will say nothing like this. In fact, she will deny even knowing the server existed until it was mentioned in the media, despite her having an email account hosted on the server for the entire duration of Clinton’s tenure as secretary of state and at least three email exchanges that show her discussing the server during that time. (Federal Bureau of Investigation, 9/2/2016)

January 13, 2009: A Clinton aide registers the email domain that Clinton will use for her private server while Secretary of State.

Justin Cooper (Credit: Pave.com)

Justin Cooper (Credit: Pave.com)

Just prior to Hillary Clinton’s Senate confirmation hearing for secretary of state, Justin Cooper registers three email domains for Hillary Clinton at her Chappaqua, New York, address. One domain, clintonemail.com, will be used for all of Clinton’s emails for at least the next five years. (The Washington Post, 3/10/2015) (The New York Times, 8/8/2015)

Cooper is a long-time personal assistant to Bill Clinton. However, he has “no security clearance and no particular expertise in safeguarding computers, according to three people briefed on the server setup.” (The Washington Post, 8/4/2015)

January 21, 2009: Despite Clinton becoming secretary of state on this day, there is no apparent change in the way her private email server is managed.

Clinton arrives at the State Department on January 22, 2009. (Credit: public domain)

Clinton arrives at the State Department on January 22, 2009. (Credit: public domain)

Her server was installed in her house in Chappaqua, New York, and it continues to reside there. Her IT [Information Technology] expert Bryan Pagliano has been in charge of running it since 2008 as well, and continues to do so.

Yet the Washington Post will later report, “Four computer-security specialists interviewed by the Post said that such a system could be made reasonably secure but that it would need constant monitoring by people trained to look for irregularities in the server’s logs.”

One of the specialists will comment, “For data of this sensitivity… we would need at a minimum a small team to do monitoring and hardening.” (The Washington Post, 3/27/2016)

January 21, 2009—March 29, 2009: During this two-month time period, Clinton’s private email server operates without the standard encryption generally used on the Internet.

Afghanistan President Hamid Karzai visits with Clinton in her outer office at the State Department on January 10, 2013. (Credit: Jonathan Ernst / Reuters)

Afghanistan President Hamid Karzai visits with Clinton in her outer office at the State Department on January 10, 2013. (Credit: Jonathan Ernst / Reuters)

During this time, Clinton and her aides exchange emails discussing “North Korea, Mexico, Afghanistan, military advisers, CIA operations and a briefing for Obama.” Some of the emails will later be redacted, including one written to Clinton about Afghanistan President Hamid Karzai.

In late March, top aide Jake Sullivan emails Clinton a draft of a confidential report she is to make to President Obama. “Attached is a draft of your Mexico trip report to [Obama],” the email states. (The Washington Post, 3/27/2016)

During these two months, Clinton travels to Belgium, Switzerland, Egypt, Israel, Palestine, Turkey, Mexico, Japan, Indonesia, South Korea, and China. Her emails would have almost no defense against eavesdropping by foreign intelligence and hackers during all those trips.

Furthermore, some intelligence agencies are known to attempt eavesdropping around this time. For instance, at a world leader summit in April 2009, British intelligence sets up fake Internet in the hope that government ministers and their staff will use them so their communications can be intercepted. (ComputerWorld, 3/11/2015)

A September 2016 FBI report will determine that “Clinton’s clintonemail.com email traffic was potentially vulnerable to compromise when she first began using her personal account in January 2009. It was not until late March 2009… that access to the server was afforded an added layer of security.” (Federal Bureau of Investigation, 9/2/2016)

February 17, 2009: Clinton and her aides meet with security officials about using BlackBerrys in secure rooms, but no solution is found.

Cheryl Mills (Credit: Black Christian News Network One)

Cheryl Mills (Credit: Black Christian News Network One)

Clinton is frustrated, because she insists on using her personal BlackBerry device for all her emails, but she is not allowed to take it into her suite of offices where she works every day. The BlackBerry is considered a security risk, as it could be hijacked by hackers and turned into a listening device, so she always has to put it into a lockbox before entering her office.

On this day, she and her top aides have a meeting about this. Clinton, her chief of staff Cheryl Mills, and others meet with five National Security Agency (NSA) officials and security officials from the State Department and other agencies. They discuss ways for Clinton and her aides to use their BlackBerrys in secure rooms, but no easy solution is found.

Clinton continues to use her BlackBerry after the meeting while others keep trying to find a solution. Apparently, all the security officials in the meeting are unaware that Clinton’s emails are being stored on a private server in her house.

The Washington Post will later report, “Those officials took no steps to protect the server against intruders and spies, because they apparently were not told about it.” (The Washington Post, 3/27/2016)

March 2009: Clinton’s personal email server is replaced; she will use the new one for the rest of her term as secretary of state.

Justin Cooper, an aide to former President Bill Clinton, has been working with Bryan Pagliano, who worked as a computer technician on Hillary Clinton’s 2008 presidential campaign, to build a new private server located in the Clintons’ Chappaqua, New York, house. Some time in March 2009, Pagliano and Cooper met at the Chappaqua house to physically install the server and related equipment in a server rack in the basement.

Once the new server is up and running, Pagliano migrates the email data from the old server to the new one. Pagliano will later be interviewed by the FBI, and he will claim that after the migration, no email content should have remained on the old server. He will tell the FBI that he only transferred clintonemail.com email accounts for Clinton aide Huma Abedin and others (whose names will later be redacted), and he was unaware of and did not transfer an email account for Hillary Clinton.

However, Clinton emails using a clintonemail.com domain address start getting sent in January 2009, showing she must had had an account on the old server since that time. Cooper will also later be interviewed by the FBI, and he will say he believed Clinton had a clintonemail.com email account on the old server and Abedin did not. The FBI will be unable to obtain the old server to analyze it, so the dispute has not been fully resolved.

130601DellPowerEdge2900public

The Dell Power Edge 2900 (Credit: public domain)

This new server will be used for the rest of Clinton’s term as secretary of state, then will be replaced in 2013. Later in March 2009, the old server is repurposed to serve as a personal computer for household staff at Clinton’s Chappaqua house. (Federal Bureau of Investigation, 9/2/2016)

The Washington Post will later report, “The server was nothing remarkable, the kind of system often used by small businesses, according to people familiar with its configuration at the end of her tenure. It consisted of two off-the-shelf server computers. Both were equipped with antivirus software. They were linked by cable to a local Internet service provider. A firewall was used as protection against hackers.” (The Washington Post, 3/27/2016)

According to the FBI, the new server initially consists of the following equipment: “a Dell PowerEdge 2900 server miming Microsoft Exchange for email hosting and management, a Dell PowerEdge 1950 server miming BlackBerry Enterprise Server (BES) for the management of BlackBerry devices, a Seagate external hard drive to store backups of the Dell PowerEdge 2900 server, a Dell switch, a Cisco firewall, and a power supply.” (Federal Bureau of Investigation, 9/2/2016)

In 2015, Hillary Clinton will say of her server, “It was sitting there in the basement. It was not any trouble at all.” (The Wall Street Journal, 9/27/2015)

March 2009—May 31, 2013: Bryan Pagliano and Justin Cooper jointly manage Clinton’s private server.

160301PaglianoCooperMontage

Bryan Pagliano (left), Justin Cooper (right) (Credit: public domain)

In March 2009, Clinton’s private email server is replaced by a larger one built by her computer technician Pagliano. Cooper had been the only person with administrative access for the previous server, but now both him and Pagliano have administrative accounts on the new one.

Pagliano handles all software upgrades and general maintenance. He works at the State Department in Washington, DC, and there is only evidence of him going to Chappaqua, New York, to directy work on the server three times: in March 2009, to install the server; in June 2011, to upgrade the equipment; and in January 2012, to fix a hardware issue.

By contrast, in a later FBI interview, Cooper will describe his role as “the customer service face.” He can add users or reset passwords on the email server. He also works at the Chappaqua house as an aide to former President Bill Clinton, so it is much easier for him to physically interact with the server there.

Cooper and Pagliano both handle the selection and purchase of server-related items.

In a later FBI interview, Hillary Clinton will state “she had no knowledge of the hardware, software, or security protocols used to construct and operate the servers. When she experienced technical issues with her email account she contacted Cooper for assistance in resolving those issues.”

The roles of Cooper and Pagliano will be phased out in mid-2013, with the Platte River Networks company winning a contact to manage Clinton’s server on May 31, 2013.

Around Spring 2009: Pagliano is warned that classified information could be sent to Clinton’s private server, but there is no sign he takes action or passes this warning on.

When Clinton’s computer technician Bryan Pagliano is interviewed by the FBI in December 2015, he will recall a conversation with a person whose name is redacted that takes place at the beginning of Clinton’s tenure as secretary of state. According to the FBI, this person “advised he would not be surprised if classified information was being transmitted to Clinton’s personal server.”

Pagliano joins the State Department in May 2009, and he also is the main person to manage problems with the server. But there is no mention of him taking any action about this warning or passing it on to anyone else. The unnamed person also gives Pagliano advice on how to improve the server security that goes unheeded as well. (Federal Bureau of Investigation, 9/2/2016)

Around Spring 2009: Clinton’s computer technician is advised to make a key improvement to the security of Clinton’s private server, but the improvement is never made.

When Bryan Pagliano, the manager of Clinton’s private server while she Clinton’s is secretary of state, will be interviewed by the FBI in December 2015, he will recall a conversation that takes place around the beginning of Clinton’s tenure. This person, whose name is later redacted, recommends that email transiting from a state.gov account to Clinton’s private server should be sent through a Transport Layer Security (TLS) “tunnel.” Most of Clinton’s email traffic is with State Department officials using state.gov accounts.

A diagram of the Transport Layer Security (TLS) (Credit: public domain)

A diagram described as Networking 101: Transport Layer Security (TLS) (Credit: public domain)

A September 2016 FBI report will explain: “TLS is a protocol that ensures privacy between communicating applications, such as web browsing, email, and instant messaging, with their users on the Internet. TLS ensures that no third-party eavesdrops on the two-way communication. TLS is the successor to SSL and is considered more secure.”

Pagliano is the main person to manage problems with the server, but he will tell the FBI that the transition to TLS never occurred. It is not clear why. The FBI will be unable to forensically determine if TLS was ever implemented on the server.

The same unnamed person who gives Pagliano this advice also tells him at the same time that he would not be surprised if classified information was being transmitted to Clinton’s personal server.  (Federal Bureau of Investigation, 9/2/2016)

March 17, 2009: An email shows that five State Department officials learned of Clinton’s private server after installing equipment in her house.

John Bentel (Credit: Facebook)

John Bentel (Credit: Facebook)

The State Department’s telecommunications manager Purcell Lee sends an email that contains the agenda for “Secretary Residential Installation Hotwash.” A “hotwash” is an after-action discussion. An attached file lists the electronic equipment in Clinton’s Chappaqua, New York house. It mentions the recent installation of a phone and fax machine for classified communications. But most crucially, it also mentions the existence of Clinton’s private email server with the comment: “Unclassified Partner System: Server: Basement Telephone Closet.” None of the agenda items refer to the existence of the unauthorized server.

Lee’s email is sent to four other State Department officials: Kevin Wagganer, John Bentel, Andrew Scott, and Bruce Duncan. (US Department of State, 6/20/2016)

Bentel is the director of the department’s bureau of Information Resources Management (IRM). He will later deny having any knowledge of Clinton’s server and some will claim he participated in a cover-up, telling others that she had legal authority to use it when she did not. (Yahoo News, 5/27/2016)

March 29, 2009: For the first two months Clinton uses her private server for all her emails, it operates without the standard encryption generally used to protect Internet communication.

Clinton meets Chinese State Councillor Dai Bingguo in the Diaoyutai State Guesthouse in Beijing, China, on February 21, 2009. (Credit: Greg Baker / Getty Images)

Clinton meets Chinese State Councillor Dai Bingguo in the Diaoyutai State Guesthouse in Beijing, China, on February 21, 2009. (Credit: Greg Baker / Getty Images)

This is according to a 2015 independent analysis by Venafi Inc., a cybersecurity firm that specializes in the encryption process. Not until this day does the server receive a “digital certificate” that encrypts and protects communication over the Internet through encryption.

The Washington Post will later report, “It is unknown whether the system had some other way to encrypt the email traffic at the time. Without encryption—a process that scrambles communication for anyone without the correct key—email, attachments and passwords are transmitted in plain text.”

A Venafi official will later comment, “That means that anyone could have accessed it. Anyone.” (The Washington Post, 3/27/2016)

Clinton began sending emails using the server by January 28, 2009, but will later claim she didn’t start using it until March 18, 2009—a two-month gap similar to the two-month gap the server apparently wasn’t properly protected. Apparently, she has not given investigators any of her emails from before March 18. (The New York Times, 9/25/2015)

A 2016 op-ed in the Washington Post will suggest that security concerns during Clinton’s February 2009 trip to Asia could have prompted the use of encryption on her server. (The Washington Post, 4/4/2016)

An FBI report released in September 2016 will confirm that encyption only began in March 2009. It states that “in March 2009, [Bill Clinton aide Justin] Cooper registered a Secure Sockets Layer (SSL) encryption certificate at [Bryan] Pagliano’s direction for added security when users accessed their email from various computers and devices.” (Federal Bureau of Investigation, 9/2/2016)

March 29, 2009: The encryption certificate used on Clinton’s private server starting on this day has an unusually long duration.

It is valid for four years and then will be renewed with a five year certificate in 2013. Kevin Bocek, vice president of security company Venafi, will later say, “Most security professionals wouldn’t recommend that. Google uses three-month certificates.” The certificate used a standard strength 2,048-byte encryption key. However, it doesn’t use “perfect forward secrecy.” That means that if the key is broken, multiple emails can be accessed. (ComputerWorld, 3/11/2015)

A 2016 FBI report will confirm this, mentioning that the certificate is valid until September 13, 2013, at which time a new certificate is obtained which is valid until September 13, 2018. (Federal Bureau of Investigation, 9/2/2016)

July 3, 2009: The NSA begins monitoring government email traffic for hacking attacks, but Clinton’s private server doesn’t benefit.

It is announced that the National Security Agency (NSA) will monitor the email traffic of 12 US government departments, including the State Department, in order to combat hacking. In a monitoring program called Einstein 3, telecommunication companies route data going to and from government networks through the NSA, which examine the traffic for any activity suggestive of an attack. (Wired Magazine, 7/8/2009) 

In 2015, Wired Magazine will note that because Clinton used a private email server, her “email [didn’t] have the benefit of any of that expensive government security.” (Wired, 3/4/2015)

September 20, 2009: Clinton apparently stops receiving emails from a private email address she’d used as a senator.

Her previous email was: hr15@att.blackberry.net, also known as hr15@mycingular.blackberry.net (AT&T and Cingular are the same company). When she became secretary of state in early 2009, she created a new hdr22@clintonemail.com address on her private server and set up her emails from her old address to be forwarded to her new address. According to Clinton spokesperson Nick Merrill, she shuts down the old address around this time, with the last known email coming to that address on September 20, 2009. (Buzzfeed, 7/1/2015)

February 27, 2010: An emails shows that Cheryl Mills and Huma Abedin are aware of Clinton’s private server, and a Bill Clinton aide has an email account on it.

Clinton’s deputy chief of staff Huma Abedin sends an email to Justin Cooper, an aide to Bill Clinton. She forwards a message from Clinton’s chief of staff Cheryl Mills to Clinton that had bounced, and asks Cooper, “HRC [Clinton] email coming back—is server okay?”

He replies, “UR [You are] funny. We are on the same server.” His reply goes to Mills as well as Abedin, indicating that both of them are aware of the existence of Clinton’s private server.

Cooper’s email domain will be redacted when this email is released in 2016, but his comment indicates his email is on the clintonemail.com domain, the same as Clinton’s. (Abedin has an email account on that domain too, but she sends this email from her State Department state.gov account.) (US Department of State, 6/20/2016) 

Cooper is not a government employee and apparently has no security clearance, but other reports indicate he helps Bryan Pagliano manage Clinton’s server.

February 27, 2010: An email sent to Clinton this day indicates that some computer technicians in the State Department have no idea Clinton has a private email address.

Huma Abedin, Clinton’s deputy chief of staff, writes Clinton that after another aide named Judith wrote Clinton an email, “It bounced back. She called the email help desk at state (I guess assuming u had state email) and told them that. They had no idea it was YOU, just some random address so they emailed.” (US Department of State, 8/31/2015)

March 21, 2010: Clinton’s computer technician is using both private and government email accounts for work.

Bryan Pagliano (Credit: Facebook)

Bryan Pagliano (Credit: Facebook)

An email from Bryan Pagliano to Cheryl Mills, Clinton’s chief of staff, on this day that will later be made public shows that Pagliano sometimes uses the email address bpagliano@hillaryclinton.com for work matters. Pagliano is a State Department employee at the time, but he also is managing Clinton’s private email server. In the email, he tells Mills, “Sent a reply from my [redacted] address, but delivery tends to be delayed going to state.gov addresses.” This shows he uses a government email address for work as well. (US Department of State, 1/15/2016) 

The hillaryclinton.com domain was used for people working for Clinton’s 2008 presidential campaign, as Pagliano did. Apparently that domain was kept operational long after the campaign ended.

May 21, 2010—October 21, 2010: Computer records suggest Clinton’s private server could be located at the Clinton Foundation’s headquarters.

The result of an IP location look up of where Clinton's private server was in mid-2010 appears to indicate the middle of Manhattan, New York. (Credit: IP Finder / Google Maps)

The result of an IP location look up of where Clinton’s private server was in mid-2010 appears to indicate the middle of Manhattan, New York. (Credit: IP Finder / Google Maps)

According to publicly available computer records, the IP [Internet Protocol] address for the mail.presidentclinton.com server is 24.187.234.187 from at least 2009 to 2011. Records also show that mail.clintonemail.com server has the same exact IP address, 24.187.234.187, from at least May 21, 2010 to October 21, 2010. That means the two servers must have been in the same location for that overlapping time period.

Computer records can also indicate where the IP addresses are physically located, and that IP address at that time is somewhere in the middle of Manhattan, New York City. That makes sense for presidentclinton.com, since former President Bill Clinton’s offices are there, and the Clinton Foundation headquarters is also there. But that would suggest that Hillary Clinton’s clintonemail.com server used for all her secretary of state work is also based in Manhattan and not Chappaqua, New York, for at least part of 2010. (DNS History, 9/7/2015) (DNS History, 9/7/2015) (IP Tracker, 9/3/2015)

Around Mid-2010 and After: After contacting a Secret Service agent about frequent hacking attacks on Clinton’s server, the managers of the server apparently never contact anyone else from other government departments for help.

Justin Cooper (Credit: Alex Wong / Getty Images)

Justin Cooper (Credit: Alex Wong / Getty Images)

According to a September 2016 FBI report, Justin Cooper, a Bill Clinton aide who is helping to manage Clinton’s private server, contacts a Secret Service agent at some point during Clinton’s tenure as secretary of state. It is not clear when this happens, but apparently it is not long after the server begins to be frequently targeted by brute force hacking attacks around the middle of 2010.

Cooper will be asked about this in a September 2016 Congressional hearing shortly after the FBI report is published. He will say, “when we first experienced some of the repeated failed login attempts, I reported them to the Secret Service. … There was an instance where we shared some logs with [them]. … The Secret Service looked at logs from the server and made some recommendations to [server manager Bryan] Pagliano about the possible origins of those failed logins and some techniques he might use to mitigate that problem.” (The Secret Service agent will give advice on improving the server’s security that will not be followed.)

However, when Cooper is asked by Representative Blake Farenthold (R), “Did you turn over the logs and notifications that you received to the FBI, the emails of brute force attacks?” Cooper will say the FBI was not contacted.

Representative Jody Hice (Credit: Twitter)

Representative Jody Hice (Credit: Twitter)

Additionally, when Representative Jody Hice (R) will ask if Cooper consulted with any other “department or agency in the government,” Cooper will say, “No. No consultations of that type.” He will also specifically mention the State Department wasn’t consulted. (US Congress, 9/13/2016)

It’s possible that Pagliano contacted others, but the FBI will interview both Cooper and Pagliano in its investigation and then will mention only the contact with the Secret Service in its final report.

The number of hacking attacks steadily grows through the rest of Clinton’s time in office. (Federal Bureau of Investigation, 9/2/2016)

Around Mid-2010 to January 2013: “Brute force” hacking attempts on Clinton’s private server begin and steadily increase, but it is unknown if any are successful.

Blake Farenthold (Credit: Bill Clark / Congressional Quarterly Roll Call)

Blake Farenthold (Credit: Bill Clark / Congressional Quarterly)

Bryan Pagliano, the manager of Clinton’s private server while she is secretary of state, will be interviewed by the FBI in December 2015. According to an FBI report, he will claim that the server suffered no known security breaches. However, “he was aware there were many failed login attempts, which he referred to as brute force attacks. He added that the failed attempts increased over the life of the [server], and he set up the server’s logs to alert [Justin] Cooper when they occurred. Pagliano knew the attempts were potential attackers because the credentials attempting to log in did not match legitimate users on the system. Pagliano could not recall if a high volume of failed login attempts emanated from any specific country.”

The FBI report will explain, “A brute force attack is a trial-and-error method used to obtain information, such as a password… In a brute force attack, passwords may be attempted manually or automated software can be used to generate a large number of consecutive guesses as to the targeted information.” (Federal Bureau of Investigation, 9/2/2016)

Cooper, a Bill Clinton aide who helped Pagliano manage the server, will be asked about brute force attacks in a September 2016 Congressional hearing. He will respond, “I can’t say with any specificity how many had happened. They happened with some limited frequency over the period of, I’d say the last two and a half years, while she was in office. But we had developed systems to tamper these down.”

Representative Blake Farenthold (R) will ask Cooper that if the brute force attacker managed to enter the correct user name and password, “you wouldn’t have been notified, would you? You would have thought it was Mrs. Clinton or some legitimate user actually getting in?”

After further questioning, Cooper will admit that he only looked at failed attempts and didn’t check for related successful log-ins. (US Congress, 9/13/2016)

Around Mid-2010: A Secret Service agent advises Pagliano to take a step to improve the security of Clinton’s private server, but the step is not taken.

After Bryan Pagliano sets up Clinton’s new private server in January 2009, he sets up Internet Protocol (IP) filtering on the firewall, once a firewall is established in late March 2009. Pagliano will later tell the FBI that he tried to review the firewall log files once a month.

The US Secret Service Badge (Credit: public domain)

The US Secret Service Badge (Credit: public domain)

At some point, Justin Cooper, a Bill Clinton aide who is helping Pagliano manage the server, puts Pagliano in contact with a US Secret Service agent. The timing of this is not clear. However, in a September 2016 Congresssional hearing, Cooper will say it happened after Clinton’s server started to get frequent “brute force” hacking attacks, and that begins around the middle of 2010.

This agent recommends that Pagliano should also perform outbound filtering of email traffic. According to a September 2016 FBI report, “Pagliano further considered, but ultimately did not implement, a Virtual Private Network (VPN) or two-factor authentication to better secure administrative access to the server system by him and Cooper.”

The FBI report will explain: “‘VPN’ is a private network that runs on top of a larger network to provide access to shared network resources, which may or may not include the physical hard drives of individual computers… VPN offers an additional layer of security by encrypting the data traveling to the private network before sending it over the Internet. Data is then decrypted when it reaches the private network. … ‘Two-factor authentication’ is a method of confirming a user’s claimed identity by utilizing a combination of two different components…” (Federal Bureau of Investigation, 9/2/2016) (US Congress, 9/13/2016)

July 24, 2010: Clinton may start accessing the Internet at her Washington home using an unsecure, typical Wi-Fi connection.

Philippe Reines (Credit: Washington Post)

Philippe Reines (Credit: Washington Post)

Clinton and Philippe Reines have an email chain about Clinton’s new iPad. Reines is Clinton’s press secretary and a senior advisor. It is a Saturday and apparently Clinton is at her home in Washington, DC, and trying to get her new iPad to work. She cannot connect to the Internet with it, so she asks Reines, “I don’t know if I have wi-fi. How do I find out?” (Wi-Fi technology allows one to connect to the Internet using a wireless local area network.)

Reines responds, “Let me talk to Justin & Huma to check out the situation, and if there is wi-fi I’m happy to swing by and set it up.” “Justin” is a likely reference to Clinton aide Justin Cooper, who registered Clinton’s private server in her Chappaqua, New York, house, and “Huma” is a likely reference to Clinton’s deputy chief of staff Huma Abedin. (US Department of State, 11/30/2015) 

It is not known what happens, but it appears Reines is prepared to enable Clinton to regularly use her iPad at her home using a typical Wi-Fi network, without any extra security measures. Clinton begins using her iPad for her emails the next day, while continuing to use her BlackBerry. (US Department of State, 8/31/2015)

July 25, 2010: Clinton begins using an iPad for work, as well as continuing to use her BlackBerry.

Clinton poses with an iPad during a book signing event on June 17, 2014. (Credit: The Associated Press)

Clinton poses with an iPad during a book signing event on June 17, 2014. (Credit: The Associated Press)

An email exchange shows her iPad has recently arrived, and she is excited to learn how to use it. An account on her official website in 2015 will say, “When the iPad came out in 2010, she was as curious as others and found it great for shopping, browsing, and reading articles when she traveled. She also had access to her email account on her iPad and sometimes used it for that too.” (Hillaryclinton.com, 7/13/2015) (US Department of State, 8/31/2015)

December 2010: Pagliano gets help from other State Department staffers to fix a communication problem involving Clinton’s private server.

Clinton’s computer technician Bryan Pagliano is working with staff from the State Department’s Information Resources Management (IRM) office to resolve issues affecting the ability of emails sent from Clinton’s private server to be received at department .gov email addresses. Pagliano shows some staffers the computer logs from the server. The issue is eventually resolved. On December 21, 2010, IRM staff send an email to Clinton’s top aides describing the issue and summarizing what was done to resolve it. This appears to be one of the few times Clinton’s server is discussed with other department employees. (US Department of State, 5/25/2016)

Late 2010 or Early 2011: Clinton’s computer technician is given a briefing; this shows some know Clinton has a private server.

Bryan Pagliano giving a speech in March 2011. (Credit: public domain)

Bryan Pagliano giving a speech in March 2011. (Credit: public domain)

According to later released emails, Bryan Pagliano receives an IT [information technology] security briefing in late 2010 or early 2011. It has to do with cybersecurity risks facing the State Department. A letter by Charles Grassley (R) which summarizes the emails says this briefing is “in connection with his work on the Secretary’s non-government server.” Pagliano continues to run Clinton’s private email server after he is hired by the State Department in May 2009, and at least initially, his bosses and co-workers don’t know about his second job with Clinton’s server. It’s not clear who else learns about it and when. (Reuters, 3/24/2016) (US Department of State, 5/25/2016)

2011—2013: Very few employee emails are being permanently archived in the State Department.

According to a 2015 State Department inspector general report, in 2011, only 61,156 department emails out of a billion are formally archived, a rate of far less than one percent. In 2013, the number is even lower, only 41,749. Clinton will later justify her use of a private email address by claiming that her emails to other government officials would be permanently archived through their email accounts. (Politico, 3/11/2015)

January 9, 2011–January 10, 2011: Clinton’s private server is shut down after an apparent hacking attack.

Kim Jong Il (front right) posing with Bill Clinton (front left) and his delegation, Justin Cooper (back left), John Podesta (back center), Doug Band (back right), in Pyongyang on August 4, 2009, to secure the release of detained American journalists Euna Lee and Laura Ling. (Credit: Lee Jin-man / The Associated Press)

Kim Jong Il (front right) posing with Bill Clinton (front left) and his delegation, Justin Cooper (back left), John Podesta (back center), Doug Band (back right), in Pyongyang on August 4, 2009, to secure the release of detained American journalists Euna Lee and Laura Ling. (Credit: Lee Jin-man / The Associated Press)

Justin Cooper is a former advisor to President Clinton who provides technical support to Clinton’s private email server. On January 9, 2011, he emails Clinton’s deputy chief of staff, Huma Abedin, that “he had to shut down the server” because he believes “someone was trying to hack us and while they did not get in I didn’t want to let them have the chance to.”

Later in the day, Cooper emails Abedin to warn her, “We were attacked again so I shut [the server] down for a few min [minutes].”

On January 10, Abedin emails Clinton’s chief of staff, Cheryl Mills, and another Clinton aide and tells them not to email “anything sensitive” to Clinton, and says she can “explain more in person.”

Department policy requires employees to report suspicious cybersecurity incidents to security officials. However, a 2016 State Department inspector general’s investigative report will find no evidence that Clinton or her staff reported this incident to anyone else within the department. (US Department of State, 5/25/2016)

March 13, 2011—March 14, 2011: An email chain shows that Clinton is far from the only US official emailing obviously classified information.

Jeffrey D. Feltman (Credit: Patrick Tsui / FCO)

Jeffrey D. Feltman (Credit: Patrick Tsui / FCO)

On March 13, 2011, Assistant Secretary of State for Near Eastern Affairs Jeffrey D. Feltman writes in an urgent email that Saudi Arabia and The United Arab Emirates are sending troops into the neighboring country of Bahrain to quash anti-government protests there. The email is sent to more than 20 other US officials, and then replied to and forwarded ten times in the next 24 hours. Recipients include Clinton, US Ambassador to Kuwait Deborah Jones, Homeland Security Adviser John Brennan, Deputy National Security Adviser Denis McDonough, and US Ambassador to the United Nations Susan Rice.

Feltman’s original email and some of the replies contain information later deemed classified. However, many of the emails in the chain are sent through the State Department’s unclassified system, state.gov, nicknamed “the low side,” instead of the department’s system for classified information, nicknamed “the high side.” Clinton’s private server is considered even less secure than “the low side.”

The New York Times will later report on the email chain to illustrate how widespread the emailing of obviously classified information through improper channels had become during this time period. (The New York Times, 5/10/2016) (US Department of State, 2/29/2016)

August 30, 2011: An attempt to give Clinton a government-approved BlackBerry fails, revealing that some of her top aides know she is using a private server.

Stephen Mull (Credit: The Wall Street Journal)

Stephen Mull (Credit: The Wall Street Journal)

Clinton’s private BlackBerry temporarily stops working, due to disruptions in the New York area following Hurricane Irene. Stephen Mull, the State Department’s executive secretary, emails Clinton’s top aides Huma Abedin, Cheryl Mills, and Patrick Kennedy about getting a government-issued BlackBerry linked to a government server for Clinton.

Mull writes, “We are working to provide the Secretary per her request a Department issued BlackBerry to replace personal unit, which is malfunctioning (possibly because of her personal email server is down.) We will prepare two versions for her to use – one with an operating State Department email account (which would mask her identity, but which would also be subject to FOIA requests), and another which would just have phone and Internet capability.”

Abedin responds, “Steve – let’s discuss the state BlackBerry. doesn’t make a whole lot of sense.”

It’s not clear why Abedin doesn’t like the idea, and Clinton will continue to use her private BlackBerry. But Mull’s mention of Clinton’s “personal email server” is proof that Mull, Abedin, Mills, and Kennedy had to be aware at least due to this email that Clinton in fact had a private email server, and yet they do nothing about it.

In February 2016, US District Judge Emmet Sullivan will cite that email when he says in court that it’s a legitimate question if some officials were helping Clinton to keep all of her emails out of reach of public records requests. He will comment, “We’re talking about a Cabinet-level official who was accommodated by the government for reasons unknown to the public. And I think that’s a fair statement: For reasons heretofore unknown to the public. And all the public can do is speculate. […] This is all about the public’s right to know.” (The Washington Post, 3/27/2016)

September 18, 2011: Clinton’s use of an iPad undercuts her excuse for having only one email account.

Huma Abedin talks on her cell phone in Addis Ababa, Ethiopia, on June 13, 2011. (Credit: Reuters)

Huma Abedin talks on her cell phone in Addis Ababa, Ethiopia, on June 13, 2011. (Credit: Reuters)

Clinton sends an email to her deputy chief of staff Huma Abedin in which she writes, “Also, pls [please] let me know if you got a reply from my iPad. I’m not sure replies go thru.” This reveals that Clinton is using an iPad as well as a BlackBerry for her work-related emails.

In March 2015, the Washington Post will comment, “The anecdote undercuts Clinton’s argument for having a private, non-governmental email server. Weeks ago, she said that it seemed ‘easier to carry one device for my work, instead of two.’ The iPad revelation suggests that as secretary of state, Clinton sent work email on more than one device.” (The Washington Post, 3/31/2015) 

Later in 2015, Clinton’s official website will mention that she began using an iPad in 2010, one year into her four years as secretary of state. (Hillaryclinton.com, 7/13/2015)

October 29, 2011: A Bill Clinton aide handles a problem with the Clinton private server.

Justin Cooper writes in an email to Clinton’s deputy chief of staff Huma Abedin, “Fyi [For your information] clintonemail.com is down due to an outage with our ISP. Our actual systems are up. If it looks to be long term ie past tomorrow I will reroute the mail. [You] or Oscar can tell HRC [Clinton].” (US Department of State, 6/20/2016)

This indicates that Cooper is helping Bryan Pagliano to manage Clinton’s private server (at the clintonemail.com domain) and has some technical ability if he can reroute the email. However, he is not a government employee and apparently has no security clearance. Instead, he is an aide to Bill Clinton and likely spends a lot of time at the Chappaqua, New York house where both Bill and the server are.

December 29, 2011: Two more Bill Clinton aides may have access to the Clinton private server, despite probably lacking the proper security clearances.

Bernadette Meehan (Credit: public domain)

Bernadette Meehan (Credit: public domain)

Bernadette Meehan, a special assistant to Clinton, sends an email to Clinton’s deputy chief of staff Huma Abedin and a few others. Apparently, Clinton is spending Christmas vacation at a resort in Punta Cana, Dominican Republic, as she does every year, and she is having trouble getting an Internet connection for her BlackBerry.

Abedin emails Justin Cooper, an aide to Bill Clinton, about this. She asks, “Are we having problem with clintonemail?”

Cooper says there are “No issues on our end.” But he apparently is not at the Chappaqua, New York, house were the server is, because he adds that he is CCing Oscar Flores and Jon Davidson “who are there to see if they are having trouble.” (US Department of State, 6/20/2016) (The Associated Press, 4/13/2015)

This is further evidence that Cooper, who is not a government employee and apparently has no security clearance, is helping to manage Clinton’s private server. Flores is Bill Clinton’s personal valet and is said to spend a lot of time with him at the Clinton’s Chappaqua, New York, house. (Politico, 9/24/2010) Davidson is Bill Clinton’s deputy chief of staff. (New York Magazine, 4/14/2015

This raises the possibility that two more people without proper authorization had access to all of Clinton’s emails on her server.

2012: Clinton’s private server is vulnerable to a hacker attack described in a government warning.

Marc Maiffret (Credit: Fox News Business)

Marc Maiffret (Credit: Fox News Business)

The Homeland Security Department’s Computer Emergency Readiness Team issues a warning about remote access attacks, that would allow hackers to take control of computers. The warning notes that “An attacker with a low skill-level would be able to exploit this vulnerability.”

In 2015, the Associated Press will report that Clinton’s private email server could have been vulnerable to a hostile takeover by this very type of attack. Clinton’s server appears to have lacked encrypted protections, and could accept commands from the computers over the Internet.

Marc Maiffret, who founded two cybersecurity companies, will later comment, “That’s total amateur hour. […] Real enterprise-class security, with teams dedicated to these things, would not do this.”

Another cybersecurity expert, Justin Harvey, will comment that Clinton’s server “violates the most basic network-perimeter security tenets: Don’t expose insecure services to the Internet.” (The Associated Press, 10/13/2015)

2012: Clinton’s private server is still run on software newly prohibited by the State Department.

At some point in 2012, The State Department bans the use of remote-access software for its technology officials to maintain unclassified servers, unless a waiver is given. It also bans all instances of remotely connecting to classified servers. However, according to records from December 2012, Clinton’s private email server continues to use remote-access software, and no evidence of a waiver allowing this has yet emerged.

Computer security expert Mikko Hypponen will say in 2015 that the use of remote-access software on her server was “clearly serious” and could have allowed hackers to run malicious software on it. (The Associated Press, 10/13/2015)

August and December 2012: An Internet-wide hacker attack makes Clinton’s private server even more vulnerable.

An anonymous hacker using a computer in Serbia scans hundreds of millions of Internet addresses for accessible openings, called “ports.” Clinton’s private server is scanned by this hacker in August 2012 and again in December. The hacker’s millions of results are then made widely available on-line. It is unknown if anyone looking at this data figures out if the server belongs to Bill and Hillary Clinton, although the name “clintonemail.com” is a clue. (The Associated Press, 10/13/2015)

October 10, 2012: Clinton’s private server has trouble again, and an aide to Bill Clinton helps out.

Clinton’s deputy chief of staff Huma Abedin sends an email to Justin Cooper, an aide to Bill Clinton. She asks, “Is Clinton email down?” Cooper replies, “It was. Back up now.” (US Department of State, 6/20/2016) This is further evidence that Cooper, who is not a government employee and apparently has no security clearance, helps manage Clinton’s private email server.

Around October 28, 2012: Clinton’s computer technician is still managing her private server, but there is no known email trail.

Clinton’s private email server in Chappaqua, New York, stops working for days after New York is hit by Hurricane Sandy. Bryan Pagliano is still the lead specialist for the server and is tasked to fix it. The email system is not always reliable, and Pagliano is always the one on call to fix problems as they come up. (The Washington Post, 8/4/2015) However, no emails between Pagliano and Clinton will be included in Clinton’s over 30,000 publicly released work emails, except for one where he wishes her a happy birthday. (US Department of State, 11/30/2015)

October 30, 2012: Pagliano wants State Department help for Clinton’s private server, but doesn’t get it.

IDL TIFF fileImage of Hurricane Sandy at 1:45 p.m. Eastern Daylight Time on October 28, 2012. (Credit: Earth Observatory / NASA)

IDL TIFF fileImage of Hurricane Sandy at 1:45 p.m. Eastern Daylight Time on October 28, 2012. (Credit: Earth Observatory / NASA)

Starting around October 28, 2012, Hurricane Sandy disrupts power in the New York City area for a few days, including the Chappaqua, New York, area where Clinton’s private email server is located. On October 30, an email exchange between Clinton’s deputy chief of staff Huma Abedin and another Clinton aide discusses that Clinton’s private server is down. Abedin’s main email account is hosted on the server.

Clinton’s computer technician Bryan Pagliano meets with staff from the department’s Information Resources Management (IRM) to find out if the department could provide support for Clinton’s server. Staffers tell Pagliano they can’t help because it is a private server.

This appears to be a very rare instance in which the existence of the server is mentioned to other department employees. (US Department of State, 5/25/2016)

November 2012: Clinton’s private email account is reconfigured to use Google’s servers as a backup in case her personal server fails.

Clinton checks her phone with Assistant Secretary of State for European Affairs Philip Gordon in Munich, Germany, on February 4, 2012. (Credit: Politico)

Clinton checks her phone with Assistant Secretary of State for European Affairs Philip Gordon in Munich, Germany, on February 4, 2012. (Credit: Politico)

This is according to Internet records; it is likely in response to the server crashing for several days after Hurricane Sandy one month earlier. The choice of Google is curious because Clinton herself claimed that in June 2011, the Chinese government tried to break into the Google email accounts of senior US government officials. (The Associated Press, 3/4/2015)

January 2013—May 31, 2013: Clinton uses an agent to find new management for her private server.

Tania Neild (Credit: public domain)

Tania Neild (Credit: public domain)

Tania Neild runs a company called InfoGrate that connects very wealthy people with companies who oversee their personal technologies, such as emails, and her company is based only about twenty miles from Clinton’s New York house. (Politico, 11/10/2015) (The Washington Post, 9/5/2015) 

An FBI report will later state that “due to user limitations and reliability concerns regarding the [existing] server, staff for [Hillary] Clinton and President [Bill] Clinton discussed future email server options, and a search was initiated to find a vendor to manage a Clinton email server. Additionally, [Clinton’s computer technician Bryan] Pagliano’s expressed desire to seek new employment contributed to the decision to move to a new server.”

Clinton will also be interviewed, and she will recall “that the transition to [a new company] was initiated by President Clinton’s aides seeking a higher level of service than could be provided by the [existing] server.”

Around January 2, 2013, Neild is introduced to Clinton’s chief of staff Cheryl Mills through an unnamed mutual business associate. Neild will later tell the FBI that she worked with Mills and Pagliano to produce a proposal to solicit responses from multiple companies. (Federal Bureau of Investigation, 9/2/2016)

January 2013, Platte River Networks, a small company based in Colorado, is told by Neild they are in he running for a new contract. In mid-February, they find out they are a finalist for the contract, and that they might be working for Clinton. They will be hired by Clinton to manage her private server on May 31, 2013. (Politico, 11/10/2015) (The Washington Post, 9/5/2015) 

01-2013AlexMcGeorgeNewsmax

Alex McGeorge (Credit: Newsmax)

Pagliano will later tell the FBI who made the final decision to pick Platte River. But this person’s name will be redacted, and only identified as someone working for President Clinton. (Federal Bureau of Investigation, 9/2/2016)

In retrospect, the choice of Platte River will seem to be an odd one. Cybersecurity expert Alex McGeorge will later comment, “My big issue here is do you want a small firm with little/no government experience or contracting (according to what’s being reported) and no stated security expertise to be in charge of the email system for our secretary of state? That is fundamentally ridiculous.” (Business Insider, 8/17/2015)

January 5, 2013: Someone accesses the email account of one of Bill Clinton’s staffers on the private server used to host Hillary Clinton’s emails.

130101TorLogopublic

The Tor Logo (Credit: public domain)

This is according to a FBI report that will be released in September 2016. It is known the staffer whose account gets breached is female, but her name will be redacted. The unnamed hacker uses the anonymity software Tor to browse through this staffer’s messages and attachments on the server.

The FBI will call this the only confirmed “successful compromise of an email account on the server.” But the FBI will not be able to determine who the hacker is or how the hacker obtained the staffer’s username and password to access her account. (Federal Bureau of Investigation, 9/2/2016)

Wired will later comment, “The compromise of a Bill Clinton staffer—who almost certainly had no access to any of then-Secretary Clinton’s classified material—doesn’t make the security of those classified documents any clearer. But it will no doubt be seized on by the Clintons’ political opponents to raise more questions about their server’s security.”

Dave Aitel (Credit: Immunity)

Dave Aitel (Credit: Immunity)

Clinton’s computer technician Bryan Pagliano is in charge of monitoring the server’s access logs at the time.

But Dave Aitel, a former NSA security analyst and founder of the cypersecurity company Immunity, will later comment that the breach shows a lack of attention to the logs. “They weren’t auditing and restricting IP addresses accessing the server. That’s annoying and difficult when your user is the secretary of state and traveling all around the world… But if she’s in Russia and I see a login from Afghanistan, I’d say that’s not right, and I’d take some intrusion detection action. That’s not the level this team was at.” (Wired, 9/2/2016)

When Pagliano is interviewed by the FBI in December 2015, he will claim that he knew of no instance when the server was successfully breached, suggesting he didn’t know about this incident. (Federal Bureau of Investigation, 9/2/2016)

And when Justin Cooper, a Bill Clinton aide who helped Pagliano manage the server, will be asked about the incident in September 2016, he will say he knew nothing about it until he read about it in the FBI report released earlier that month. (US Congress, 9/13/2016)

February 13, 2013: Clinton’s deputy chief of staff Huma Abedin signs a pledge that she has given all of her work-related documents back to the State Department, but she didn’t.

Huma Abedin on her cell phone in Londonderry, New Hampshire, on January 3, 2016. (Credit: Rick Friedman / Corbis)

Huma Abedin on her cell phone in Londonderry, New Hampshire, on January 3, 2016. (Credit: Rick Friedman / Corbis)

All State Department officials are required to sign the “separation statement” when they leave the department, known as the OF-109 form. However, Abedin has a private email address (huma@clintonemail.com) on the same private server that Clinton does, and when she leaves the department in February 2013 she does not turn over any of her emails from it, including work-related emails.

Her emails will not be handed over until a couple of years later, after various lawsuits and investigations. In signing the form, Abedin acknowledges she could be subject to “criminal penalties” for lying on the document.

The Hill will later report, “It’s unclear whether Abedin would be subject to prosecution, given the unusual nature of Clinton’s private email setup.” (The Hill, 11/13/2015) (US Department of State, 9/11/2015)

March 14, 2013: Guccifer accesses the email account of Clinton confidant Sid Blumenthal.

This is one of four Clinton-Blumenthal emails that Guccifer makes public in full, all printed in pink and with a large "G" for "Guccifer" added. Because it was sent on February 16, 2013, two weeks after Clinton's term as secretary of state ended, it has not been released elsewhere. It describes intelligence that prominent Saudis helped fund the 2012 Benghazi terrorist attack.

This is one of four Clinton-Blumenthal emails that Guccifer makes public in full, all printed in pink and with a large “G” for “Guccifer” added. Because it was sent on February 16, 2013, two weeks after Clinton’s term as secretary of state ended, it has not been released elsewhere. It describes intelligence that prominent Saudis helped fund the 2012 Benghazi terrorist attack.

Guccifer, an unemployed Romanian whose real name is Marcel-Lehel Lazar, breaks into the AmericaOnline (AOL) email account of Blumenthal. Guccifer does not have typical hacking skills but instead attempts to guess passwords and answers security questions. In recent months, he broke into the accounts of famous people, or the friends and family of famous people, including those of former secretary of state Colin Powell and former US president George W. Bush.

He takes screenshots of the text of emails of Clinton and Blumenthal discussing sensitive foreign policy issues during her time as secretary of state. He also takes a screenshot of Blumenthal’s inbox showing a list of the latest emails sent from Clinton.

In the next few days, the screenshots are made public, and for the first time, Clinton’s private email address hdr22@clintonemail.com is revealed to the world. (USA Today, 3/22/2013) (The Smoking Gun, 3/3/2015)

March 15, 2013—March 20, 2013: Various international media outlets reveal that Guccifer broke into Blumenthal’s email account and discovered Clinton’s private email address.

On March 15, 2013, one day after Guccifer accesses Blumenthal’s account, the US-based website the Smoking Gun publishes an article about this and reveals that Guccifer has sent screenshots of emails between Blumenthal and Clinton. (The Smoking Gun, 3/15/2013) 

The next day, Guccifer sends emails to dozens of news organizations around the world, but especially in the US and Russia, and the screenshots are included. He sends the emails from another account he’s broken into in order to hide his true identity.

The Smoking Gun publishes a story on this on March 18. (The Smoking Gun, 3/18/2013) 

The leak attracts little attention at the time, though some media outlets like Salon, Gawker, and The Russian Times cover it on March 19 and 20. (Gawker, 3/19/2013) (Salon, 3/19/2013) (The Russian Times, 3/20/2013) An article in Gawker asks, “Why was Clinton apparently receiving emails at a non-governmental email account?” (The Washington Post, 3/10/2015) 

Despite this, Clinton does not shut down her server at all, and on March 20, her private email account hosted on the server will still be active. (Gawker, 3/3/2015)

Shortly After March 15, 2013: After her email address is exposed, Clinton changes to a new email address run from the same server.

Marcel-Lehel Lazar, a.k.a. "Guccifer" (Credit: Cristian Movila / The New York Times)

Marcel-Lehel Lazar, a.k.a. “Guccifer” (Credit: Cristian Movila / The New York Times)

Marcel-Lehel Lazar, the hacker nicknamed “Guccifer,” exposes Clinton’s private email address hdr22@clintonemail.com to the public on March 15, 2013. Clinton then changes her email address to hrod17@clintonemail.com, though it is unclear exactly how quickly she does this. In 2015, Clinton spokesperson Nick Merrill will only say that her new address is registered some time in March 2013.

But this new address shows that it is still being run from the same private server, which would be even more vulnerable now that its existence has been publicly exposed. (Hillaryclinton.com, 7/13/2015) (USA Today, 5/22/2015) (Buzzfeed, 7/1/2015

Clinton’s old mail account is still working on March 20, 2013, but her new account could have been made prior to that. (Gawker, 3/3/2015) 

Clinton will make some security changes, but apparently not until the end of May 2013, when she will hire a new company to manage her server. (McClatchy Newspapers, 10/6/2015)

March 20, 2013: A Gawker reporter sends an email to Clinton’s private address and it does not bounce, confirming the account is still active.

The Gawker email to Clinton on March 20, 2013. (Credit: public domain)

The Gawker email to Clinton on March 20, 2013. (Credit: public domain)

This comes five days after the hacker known as Guccifer broke into the email account of Clinton confidant Sid Blumenthal and shortly thereafter publicly revealed Clinton’s exact private email address. The email asks Clinton, “Was the White House aware of your consultations with Blumenthal? And were your emails to and from the hdr22@clintonemail.com account archived according to the provisions of the President Records Act and Freedom of Information Act?” But Clinton never replies, and it doesn’t seem that other reporters ask Clinton these questions in 2013. (Gawker, 3/3/2015)