February 1, 2008: Clinton’s private email domain is set up under a false name.

Another view of the Clinton family home in Chappaqua, New York. (Credit: Susan Farley / Getty Images)

A view of the Clinton family home in Chappaqua, New York. (Credit: Susan Farley / Getty Images)

An IP address associated with the clintonemail.com domain later used by Hillary Clinton is registered to “Eric Hoteham” on this date. The IP address for clintonemail.com, along with others registered in Hoteham’s name, is connected to Bill and Hillary Clinton’s home address in Chappaqua, New York. ABC News will later call Hoteham a “mystery man,” since no one with that name is known to exist.

He may or may not be the same as the similarly named Eric Hothem who worked for Bill Clinton when he was president, was an aide for Hillary Clinton in the early 2000s, and has worked for Citicorp and then JP Morgan since. That person has refused to comment on the matter. (ABC News, 3/5/2015) (ABC News, 3/6/2015)

August 2008: State Department rules prohibit the way some sensitive information will later be used on Clinton’s private server.

According to the State Department’s Foreign Affairs Manual (FAM), department employees are allowed to send most Sensitive But Unclassified (SBU) information unencrypted over the Internet only when necessary.

In August 2008, the FAM is amended to further toughen the rules on sending SBU information on non-department-owned systems at non-departmental facilities – such as Clinton’s later use of a private email server. Employees have to:

  • ensure that SBU information is encrypted
  • destroy SBU information on their personally owned and managed computers and removable media when the files are no longer required
  • implement encryption certified by the National Institute of Science and Technology (NIST)

The FBI will later determine that SBU information was frequently and knowingly sent to and from Clinton’s private server, but none of these steps were taken. (Federal Bureau of Investigation, 9/2/2016)

Autumn 2008 to Mid-January 2009: It is decided to replace Clinton’s first private server with a larger server built by Pagliano.

080901MacOSXApple

The Mac OS X Logo (Credit: Apple)

Justin Cooper is an aide to former President Bill Clinton, and he is the administrator for the private server located in the Chappaqua, New York, house where Bill and his wife Hillary live. Cooper will later be interviewed by the FBI, and he will say that the decision is made to replace the server because the current server (being run on an Apple OS X computer) is antiquated and people using it are having email troubles.

At the recommendation of Hillary Clinton’s longtime aide Huma Abedin, Cooper contacts Bryan Pagliano, who worked on Clinton’s 2008 presidential campaign as an information technology specialist, to build a new server system and to assist Cooper with administrating it. Pagliano was getting rid of the computer equipment from Clinton’s presidential campaign, so it is decided to use some of this equipment for the new server at the Chappaqua house.

According to a later FBI interview, Hillary Clinton “told the FBI that at some point she became aware there was a server in the basement of her Chappaqua residence. However, she was unaware of the transition from the Apple server managed by Cooper to another server built by Pagliano and therefore, was not involved in the transition decision.”

Between the fall of 2008 and January 2009, Pagliano gets computer equipment from Clinton’s former presidential campaign headquarters, and also works with Cooper to buy additional necessary equipment.

Clinton becomes secretary of state on January 20, 2009, and begins using a clintonemail.com email address around that time, which is hosted on the old Apple server. The new server won’t be operational until March 2009. (Federal Bureau of Investigation, 9/2/2016)

Shortly Before January 13, 2009: Huma Abedin allegedly wants Clinton’s email account on a private server and not on a server that is managed by someone else, so that is what is arranged.

In a September 2016 Congressional hearing, Justin Cooper will reveal some information about how Clinton’s use of a private email account on her private server begins. He will state: “Secretary Clinton was transitioning from her presidential campaign and Senate role and had been using primarily a BlackBerry for email correspondence. There were limitations to her ability to use that BlackBerry as well as desire to change her email address because a number of people have received her email address over the course of those activities. So we created with a discussion, I believe, with [Clinton aide] Huma Abedin at the time [about] what domains might be of interest. We obtained a domain and we added it to the original server used by President Clinton’s office for [Hillary Clinton] to use with her BlackBerry at the time…”

Note that Cooper registers three domain names on January 13, 2009, so this discussion must have occurred before then.

Representative Mark Meadows (Credit: public domain)

Representative Mark Meadows (Credit: public domain)

Representative Mark Meadows (R) will ask Cooper in the hearing: “So, your testimony here today is that Huma Abedin said that she would prefer to have Ms. Clinton’s email on a private server versus a server that was actually managed by someone else? That’s your testimony?”

Cooper will reply, “My testimony is that that was communicated to me.”

He will also clarify that when it came to talking to Abedin, “I don’t recall conversations with her about the setting up of the server.” But he also will say, “At some point I had a conversation with her about the setting up of an email account for Secretary Clinton on the server.” (US Congress, 9/13/2016)

However, in Abedin’s April 2016 FBI interview, she will say nothing like this. In fact, she will deny even knowing the server existed until it was mentioned in the media, despite her having an email account hosted on the server for the entire duration of Clinton’s tenure as secretary of state and at least three email exchanges that show her discussing the server during that time. (Federal Bureau of Investigation, 9/2/2016)

January 21, 2009: Despite Clinton becoming secretary of state on this day, there is no apparent change in the way her private email server is managed.

Clinton arrives at the State Department on January 22, 2009. (Credit: public domain)

Clinton arrives at the State Department on January 22, 2009. (Credit: public domain)

Her server was installed in her house in Chappaqua, New York, and it continues to reside there. Her IT [Information Technology] expert Bryan Pagliano has been in charge of running it since 2008 as well, and continues to do so.

Yet the Washington Post will later report, “Four computer-security specialists interviewed by the Post said that such a system could be made reasonably secure but that it would need constant monitoring by people trained to look for irregularities in the server’s logs.”

One of the specialists will comment, “For data of this sensitivity… we would need at a minimum a small team to do monitoring and hardening.” (The Washington Post, 3/27/2016)

February 17, 2009: Clinton and her aides meet with security officials about using BlackBerrys in secure rooms, but no solution is found.

Cheryl Mills (Credit: Black Christian News Network One)

Cheryl Mills (Credit: Black Christian News Network One)

Clinton is frustrated, because she insists on using her personal BlackBerry device for all her emails, but she is not allowed to take it into her suite of offices where she works every day. The BlackBerry is considered a security risk, as it could be hijacked by hackers and turned into a listening device, so she always has to put it into a lockbox before entering her office.

On this day, she and her top aides have a meeting about this. Clinton, her chief of staff Cheryl Mills, and others meet with five National Security Agency (NSA) officials and security officials from the State Department and other agencies. They discuss ways for Clinton and her aides to use their BlackBerrys in secure rooms, but no easy solution is found.

Clinton continues to use her BlackBerry after the meeting while others keep trying to find a solution. Apparently, all the security officials in the meeting are unaware that Clinton’s emails are being stored on a private server in her house.

The Washington Post will later report, “Those officials took no steps to protect the server against intruders and spies, because they apparently were not told about it.” (The Washington Post, 3/27/2016)

March 2009: Clinton’s personal email server is replaced; she will use the new one for the rest of her term as secretary of state.

Justin Cooper, an aide to former President Bill Clinton, has been working with Bryan Pagliano, who worked as a computer technician on Hillary Clinton’s 2008 presidential campaign, to build a new private server located in the Clintons’ Chappaqua, New York, house. Some time in March 2009, Pagliano and Cooper met at the Chappaqua house to physically install the server and related equipment in a server rack in the basement.

Once the new server is up and running, Pagliano migrates the email data from the old server to the new one. Pagliano will later be interviewed by the FBI, and he will claim that after the migration, no email content should have remained on the old server. He will tell the FBI that he only transferred clintonemail.com email accounts for Clinton aide Huma Abedin and others (whose names will later be redacted), and he was unaware of and did not transfer an email account for Hillary Clinton.

However, Clinton emails using a clintonemail.com domain address start getting sent in January 2009, showing she must had had an account on the old server since that time. Cooper will also later be interviewed by the FBI, and he will say he believed Clinton had a clintonemail.com email account on the old server and Abedin did not. The FBI will be unable to obtain the old server to analyze it, so the dispute has not been fully resolved.

130601DellPowerEdge2900public

The Dell Power Edge 2900 (Credit: public domain)

This new server will be used for the rest of Clinton’s term as secretary of state, then will be replaced in 2013. Later in March 2009, the old server is repurposed to serve as a personal computer for household staff at Clinton’s Chappaqua house. (Federal Bureau of Investigation, 9/2/2016)

The Washington Post will later report, “The server was nothing remarkable, the kind of system often used by small businesses, according to people familiar with its configuration at the end of her tenure. It consisted of two off-the-shelf server computers. Both were equipped with antivirus software. They were linked by cable to a local Internet service provider. A firewall was used as protection against hackers.” (The Washington Post, 3/27/2016)

According to the FBI, the new server initially consists of the following equipment: “a Dell PowerEdge 2900 server miming Microsoft Exchange for email hosting and management, a Dell PowerEdge 1950 server miming BlackBerry Enterprise Server (BES) for the management of BlackBerry devices, a Seagate external hard drive to store backups of the Dell PowerEdge 2900 server, a Dell switch, a Cisco firewall, and a power supply.” (Federal Bureau of Investigation, 9/2/2016)

In 2015, Hillary Clinton will say of her server, “It was sitting there in the basement. It was not any trouble at all.” (The Wall Street Journal, 9/27/2015)

March 2009—May 31, 2013: Bryan Pagliano and Justin Cooper jointly manage Clinton’s private server.

160301PaglianoCooperMontage

Bryan Pagliano (left), Justin Cooper (right) (Credit: public domain)

In March 2009, Clinton’s private email server is replaced by a larger one built by her computer technician Pagliano. Cooper had been the only person with administrative access for the previous server, but now both him and Pagliano have administrative accounts on the new one.

Pagliano handles all software upgrades and general maintenance. He works at the State Department in Washington, DC, and there is only evidence of him going to Chappaqua, New York, to directy work on the server three times: in March 2009, to install the server; in June 2011, to upgrade the equipment; and in January 2012, to fix a hardware issue.

By contrast, in a later FBI interview, Cooper will describe his role as “the customer service face.” He can add users or reset passwords on the email server. He also works at the Chappaqua house as an aide to former President Bill Clinton, so it is much easier for him to physically interact with the server there.

Cooper and Pagliano both handle the selection and purchase of server-related items.

In a later FBI interview, Hillary Clinton will state “she had no knowledge of the hardware, software, or security protocols used to construct and operate the servers. When she experienced technical issues with her email account she contacted Cooper for assistance in resolving those issues.”

The roles of Cooper and Pagliano will be phased out in mid-2013, with the Platte River Networks company winning a contact to manage Clinton’s server on May 31, 2013.

Around Spring 2009: Pagliano is warned that classified information could be sent to Clinton’s private server, but there is no sign he takes action or passes this warning on.

When Clinton’s computer technician Bryan Pagliano is interviewed by the FBI in December 2015, he will recall a conversation with a person whose name is redacted that takes place at the beginning of Clinton’s tenure as secretary of state. According to the FBI, this person “advised he would not be surprised if classified information was being transmitted to Clinton’s personal server.”

Pagliano joins the State Department in May 2009, and he also is the main person to manage problems with the server. But there is no mention of him taking any action about this warning or passing it on to anyone else. The unnamed person also gives Pagliano advice on how to improve the server security that goes unheeded as well. (Federal Bureau of Investigation, 9/2/2016)

Around Spring 2009: Clinton’s computer technician is advised to make a key improvement to the security of Clinton’s private server, but the improvement is never made.

When Bryan Pagliano, the manager of Clinton’s private server while she Clinton’s is secretary of state, will be interviewed by the FBI in December 2015, he will recall a conversation that takes place around the beginning of Clinton’s tenure. This person, whose name is later redacted, recommends that email transiting from a state.gov account to Clinton’s private server should be sent through a Transport Layer Security (TLS) “tunnel.” Most of Clinton’s email traffic is with State Department officials using state.gov accounts.

A diagram of the Transport Layer Security (TLS) (Credit: public domain)

A diagram described as Networking 101: Transport Layer Security (TLS) (Credit: public domain)

A September 2016 FBI report will explain: “TLS is a protocol that ensures privacy between communicating applications, such as web browsing, email, and instant messaging, with their users on the Internet. TLS ensures that no third-party eavesdrops on the two-way communication. TLS is the successor to SSL and is considered more secure.”

Pagliano is the main person to manage problems with the server, but he will tell the FBI that the transition to TLS never occurred. It is not clear why. The FBI will be unable to forensically determine if TLS was ever implemented on the server.

The same unnamed person who gives Pagliano this advice also tells him at the same time that he would not be surprised if classified information was being transmitted to Clinton’s personal server.  (Federal Bureau of Investigation, 9/2/2016)

March 29, 2009: For the first two months Clinton uses her private server for all her emails, it operates without the standard encryption generally used to protect Internet communication.

Clinton meets Chinese State Councillor Dai Bingguo in the Diaoyutai State Guesthouse in Beijing, China, on February 21, 2009. (Credit: Greg Baker / Getty Images)

Clinton meets Chinese State Councillor Dai Bingguo in the Diaoyutai State Guesthouse in Beijing, China, on February 21, 2009. (Credit: Greg Baker / Getty Images)

This is according to a 2015 independent analysis by Venafi Inc., a cybersecurity firm that specializes in the encryption process. Not until this day does the server receive a “digital certificate” that encrypts and protects communication over the Internet through encryption.

The Washington Post will later report, “It is unknown whether the system had some other way to encrypt the email traffic at the time. Without encryption—a process that scrambles communication for anyone without the correct key—email, attachments and passwords are transmitted in plain text.”

A Venafi official will later comment, “That means that anyone could have accessed it. Anyone.” (The Washington Post, 3/27/2016)

Clinton began sending emails using the server by January 28, 2009, but will later claim she didn’t start using it until March 18, 2009—a two-month gap similar to the two-month gap the server apparently wasn’t properly protected. Apparently, she has not given investigators any of her emails from before March 18. (The New York Times, 9/25/2015)

A 2016 op-ed in the Washington Post will suggest that security concerns during Clinton’s February 2009 trip to Asia could have prompted the use of encryption on her server. (The Washington Post, 4/4/2016)

An FBI report released in September 2016 will confirm that encyption only began in March 2009. It states that “in March 2009, [Bill Clinton aide Justin] Cooper registered a Secure Sockets Layer (SSL) encryption certificate at [Bryan] Pagliano’s direction for added security when users accessed their email from various computers and devices.” (Federal Bureau of Investigation, 9/2/2016)

March 29, 2009: The encryption certificate used on Clinton’s private server starting on this day has an unusually long duration.

It is valid for four years and then will be renewed with a five year certificate in 2013. Kevin Bocek, vice president of security company Venafi, will later say, “Most security professionals wouldn’t recommend that. Google uses three-month certificates.” The certificate used a standard strength 2,048-byte encryption key. However, it doesn’t use “perfect forward secrecy.” That means that if the key is broken, multiple emails can be accessed. (ComputerWorld, 3/11/2015)

A 2016 FBI report will confirm this, mentioning that the certificate is valid until September 13, 2013, at which time a new certificate is obtained which is valid until September 13, 2018. (Federal Bureau of Investigation, 9/2/2016)

July 3, 2009: The NSA begins monitoring government email traffic for hacking attacks, but Clinton’s private server doesn’t benefit.

It is announced that the National Security Agency (NSA) will monitor the email traffic of 12 US government departments, including the State Department, in order to combat hacking. In a monitoring program called Einstein 3, telecommunication companies route data going to and from government networks through the NSA, which examine the traffic for any activity suggestive of an attack. (Wired Magazine, 7/8/2009) 

In 2015, Wired Magazine will note that because Clinton used a private email server, her “email [didn’t] have the benefit of any of that expensive government security.” (Wired, 3/4/2015)

May 21, 2010—October 21, 2010: Computer records suggest Clinton’s private server could be located at the Clinton Foundation’s headquarters.

The result of an IP location look up of where Clinton's private server was in mid-2010 appears to indicate the middle of Manhattan, New York. (Credit: IP Finder / Google Maps)

The result of an IP location look up of where Clinton’s private server was in mid-2010 appears to indicate the middle of Manhattan, New York. (Credit: IP Finder / Google Maps)

According to publicly available computer records, the IP [Internet Protocol] address for the mail.presidentclinton.com server is 24.187.234.187 from at least 2009 to 2011. Records also show that mail.clintonemail.com server has the same exact IP address, 24.187.234.187, from at least May 21, 2010 to October 21, 2010. That means the two servers must have been in the same location for that overlapping time period.

Computer records can also indicate where the IP addresses are physically located, and that IP address at that time is somewhere in the middle of Manhattan, New York City. That makes sense for presidentclinton.com, since former President Bill Clinton’s offices are there, and the Clinton Foundation headquarters is also there. But that would suggest that Hillary Clinton’s clintonemail.com server used for all her secretary of state work is also based in Manhattan and not Chappaqua, New York, for at least part of 2010. (DNS History, 9/7/2015) (DNS History, 9/7/2015) (IP Tracker, 9/3/2015)

Around Mid-2010 and After: After contacting a Secret Service agent about frequent hacking attacks on Clinton’s server, the managers of the server apparently never contact anyone else from other government departments for help.

Justin Cooper (Credit: Alex Wong / Getty Images)

Justin Cooper (Credit: Alex Wong / Getty Images)

According to a September 2016 FBI report, Justin Cooper, a Bill Clinton aide who is helping to manage Clinton’s private server, contacts a Secret Service agent at some point during Clinton’s tenure as secretary of state. It is not clear when this happens, but apparently it is not long after the server begins to be frequently targeted by brute force hacking attacks around the middle of 2010.

Cooper will be asked about this in a September 2016 Congressional hearing shortly after the FBI report is published. He will say, “when we first experienced some of the repeated failed login attempts, I reported them to the Secret Service. … There was an instance where we shared some logs with [them]. … The Secret Service looked at logs from the server and made some recommendations to [server manager Bryan] Pagliano about the possible origins of those failed logins and some techniques he might use to mitigate that problem.” (The Secret Service agent will give advice on improving the server’s security that will not be followed.)

However, when Cooper is asked by Representative Blake Farenthold (R), “Did you turn over the logs and notifications that you received to the FBI, the emails of brute force attacks?” Cooper will say the FBI was not contacted.

Representative Jody Hice (Credit: Twitter)

Representative Jody Hice (Credit: Twitter)

Additionally, when Representative Jody Hice (R) will ask if Cooper consulted with any other “department or agency in the government,” Cooper will say, “No. No consultations of that type.” He will also specifically mention the State Department wasn’t consulted. (US Congress, 9/13/2016)

It’s possible that Pagliano contacted others, but the FBI will interview both Cooper and Pagliano in its investigation and then will mention only the contact with the Secret Service in its final report.

The number of hacking attacks steadily grows through the rest of Clinton’s time in office. (Federal Bureau of Investigation, 9/2/2016)

Around Mid-2010 to January 2013: “Brute force” hacking attempts on Clinton’s private server begin and steadily increase, but it is unknown if any are successful.

Blake Farenthold (Credit: Bill Clark / Congressional Quarterly Roll Call)

Blake Farenthold (Credit: Bill Clark / Congressional Quarterly)

Bryan Pagliano, the manager of Clinton’s private server while she is secretary of state, will be interviewed by the FBI in December 2015. According to an FBI report, he will claim that the server suffered no known security breaches. However, “he was aware there were many failed login attempts, which he referred to as brute force attacks. He added that the failed attempts increased over the life of the [server], and he set up the server’s logs to alert [Justin] Cooper when they occurred. Pagliano knew the attempts were potential attackers because the credentials attempting to log in did not match legitimate users on the system. Pagliano could not recall if a high volume of failed login attempts emanated from any specific country.”

The FBI report will explain, “A brute force attack is a trial-and-error method used to obtain information, such as a password… In a brute force attack, passwords may be attempted manually or automated software can be used to generate a large number of consecutive guesses as to the targeted information.” (Federal Bureau of Investigation, 9/2/2016)

Cooper, a Bill Clinton aide who helped Pagliano manage the server, will be asked about brute force attacks in a September 2016 Congressional hearing. He will respond, “I can’t say with any specificity how many had happened. They happened with some limited frequency over the period of, I’d say the last two and a half years, while she was in office. But we had developed systems to tamper these down.”

Representative Blake Farenthold (R) will ask Cooper that if the brute force attacker managed to enter the correct user name and password, “you wouldn’t have been notified, would you? You would have thought it was Mrs. Clinton or some legitimate user actually getting in?”

After further questioning, Cooper will admit that he only looked at failed attempts and didn’t check for related successful log-ins. (US Congress, 9/13/2016)

Around Mid-2010: A Secret Service agent advises Pagliano to take a step to improve the security of Clinton’s private server, but the step is not taken.

After Bryan Pagliano sets up Clinton’s new private server in January 2009, he sets up Internet Protocol (IP) filtering on the firewall, once a firewall is established in late March 2009. Pagliano will later tell the FBI that he tried to review the firewall log files once a month.

The US Secret Service Badge (Credit: public domain)

The US Secret Service Badge (Credit: public domain)

At some point, Justin Cooper, a Bill Clinton aide who is helping Pagliano manage the server, puts Pagliano in contact with a US Secret Service agent. The timing of this is not clear. However, in a September 2016 Congresssional hearing, Cooper will say it happened after Clinton’s server started to get frequent “brute force” hacking attacks, and that begins around the middle of 2010.

This agent recommends that Pagliano should also perform outbound filtering of email traffic. According to a September 2016 FBI report, “Pagliano further considered, but ultimately did not implement, a Virtual Private Network (VPN) or two-factor authentication to better secure administrative access to the server system by him and Cooper.”

The FBI report will explain: “‘VPN’ is a private network that runs on top of a larger network to provide access to shared network resources, which may or may not include the physical hard drives of individual computers… VPN offers an additional layer of security by encrypting the data traveling to the private network before sending it over the Internet. Data is then decrypted when it reaches the private network. … ‘Two-factor authentication’ is a method of confirming a user’s claimed identity by utilizing a combination of two different components…” (Federal Bureau of Investigation, 9/2/2016) (US Congress, 9/13/2016)

July 24, 2010: Clinton may start accessing the Internet at her Washington home using an unsecure, typical Wi-Fi connection.

Philippe Reines (Credit: Washington Post)

Philippe Reines (Credit: Washington Post)

Clinton and Philippe Reines have an email chain about Clinton’s new iPad. Reines is Clinton’s press secretary and a senior advisor. It is a Saturday and apparently Clinton is at her home in Washington, DC, and trying to get her new iPad to work. She cannot connect to the Internet with it, so she asks Reines, “I don’t know if I have wi-fi. How do I find out?” (Wi-Fi technology allows one to connect to the Internet using a wireless local area network.)

Reines responds, “Let me talk to Justin & Huma to check out the situation, and if there is wi-fi I’m happy to swing by and set it up.” “Justin” is a likely reference to Clinton aide Justin Cooper, who registered Clinton’s private server in her Chappaqua, New York, house, and “Huma” is a likely reference to Clinton’s deputy chief of staff Huma Abedin. (US Department of State, 11/30/2015) 

It is not known what happens, but it appears Reines is prepared to enable Clinton to regularly use her iPad at her home using a typical Wi-Fi network, without any extra security measures. Clinton begins using her iPad for her emails the next day, while continuing to use her BlackBerry. (US Department of State, 8/31/2015)

December 2010: Pagliano gets help from other State Department staffers to fix a communication problem involving Clinton’s private server.

Clinton’s computer technician Bryan Pagliano is working with staff from the State Department’s Information Resources Management (IRM) office to resolve issues affecting the ability of emails sent from Clinton’s private server to be received at department .gov email addresses. Pagliano shows some staffers the computer logs from the server. The issue is eventually resolved. On December 21, 2010, IRM staff send an email to Clinton’s top aides describing the issue and summarizing what was done to resolve it. This appears to be one of the few times Clinton’s server is discussed with other department employees. (US Department of State, 5/25/2016)

Late 2010 or Early 2011: Clinton’s computer technician is given a briefing; this shows some know Clinton has a private server.

Bryan Pagliano giving a speech in March 2011. (Credit: public domain)

Bryan Pagliano giving a speech in March 2011. (Credit: public domain)

According to later released emails, Bryan Pagliano receives an IT [information technology] security briefing in late 2010 or early 2011. It has to do with cybersecurity risks facing the State Department. A letter by Charles Grassley (R) which summarizes the emails says this briefing is “in connection with his work on the Secretary’s non-government server.” Pagliano continues to run Clinton’s private email server after he is hired by the State Department in May 2009, and at least initially, his bosses and co-workers don’t know about his second job with Clinton’s server. It’s not clear who else learns about it and when. (Reuters, 3/24/2016) (US Department of State, 5/25/2016)

2011—2013: Very few employee emails are being permanently archived in the State Department.

According to a 2015 State Department inspector general report, in 2011, only 61,156 department emails out of a billion are formally archived, a rate of far less than one percent. In 2013, the number is even lower, only 41,749. Clinton will later justify her use of a private email address by claiming that her emails to other government officials would be permanently archived through their email accounts. (Politico, 3/11/2015)

March 13, 2011—March 14, 2011: An email chain shows that Clinton is far from the only US official emailing obviously classified information.

Jeffrey D. Feltman (Credit: Patrick Tsui / FCO)

Jeffrey D. Feltman (Credit: Patrick Tsui / FCO)

On March 13, 2011, Assistant Secretary of State for Near Eastern Affairs Jeffrey D. Feltman writes in an urgent email that Saudi Arabia and The United Arab Emirates are sending troops into the neighboring country of Bahrain to quash anti-government protests there. The email is sent to more than 20 other US officials, and then replied to and forwarded ten times in the next 24 hours. Recipients include Clinton, US Ambassador to Kuwait Deborah Jones, Homeland Security Adviser John Brennan, Deputy National Security Adviser Denis McDonough, and US Ambassador to the United Nations Susan Rice.

Feltman’s original email and some of the replies contain information later deemed classified. However, many of the emails in the chain are sent through the State Department’s unclassified system, state.gov, nicknamed “the low side,” instead of the department’s system for classified information, nicknamed “the high side.” Clinton’s private server is considered even less secure than “the low side.”

The New York Times will later report on the email chain to illustrate how widespread the emailing of obviously classified information through improper channels had become during this time period. (The New York Times, 5/10/2016) (US Department of State, 2/29/2016)

2012: Clinton’s private server is vulnerable to a hacker attack described in a government warning.

Marc Maiffret (Credit: Fox News Business)

Marc Maiffret (Credit: Fox News Business)

The Homeland Security Department’s Computer Emergency Readiness Team issues a warning about remote access attacks, that would allow hackers to take control of computers. The warning notes that “An attacker with a low skill-level would be able to exploit this vulnerability.”

In 2015, the Associated Press will report that Clinton’s private email server could have been vulnerable to a hostile takeover by this very type of attack. Clinton’s server appears to have lacked encrypted protections, and could accept commands from the computers over the Internet.

Marc Maiffret, who founded two cybersecurity companies, will later comment, “That’s total amateur hour. […] Real enterprise-class security, with teams dedicated to these things, would not do this.”

Another cybersecurity expert, Justin Harvey, will comment that Clinton’s server “violates the most basic network-perimeter security tenets: Don’t expose insecure services to the Internet.” (The Associated Press, 10/13/2015)

2012: Clinton’s private server is still run on software newly prohibited by the State Department.

At some point in 2012, The State Department bans the use of remote-access software for its technology officials to maintain unclassified servers, unless a waiver is given. It also bans all instances of remotely connecting to classified servers. However, according to records from December 2012, Clinton’s private email server continues to use remote-access software, and no evidence of a waiver allowing this has yet emerged.

Computer security expert Mikko Hypponen will say in 2015 that the use of remote-access software on her server was “clearly serious” and could have allowed hackers to run malicious software on it. (The Associated Press, 10/13/2015)

August and December 2012: An Internet-wide hacker attack makes Clinton’s private server even more vulnerable.

An anonymous hacker using a computer in Serbia scans hundreds of millions of Internet addresses for accessible openings, called “ports.” Clinton’s private server is scanned by this hacker in August 2012 and again in December. The hacker’s millions of results are then made widely available on-line. It is unknown if anyone looking at this data figures out if the server belongs to Bill and Hillary Clinton, although the name “clintonemail.com” is a clue. (The Associated Press, 10/13/2015)

Around October 28, 2012: Clinton’s computer technician is still managing her private server, but there is no known email trail.

Clinton’s private email server in Chappaqua, New York, stops working for days after New York is hit by Hurricane Sandy. Bryan Pagliano is still the lead specialist for the server and is tasked to fix it. The email system is not always reliable, and Pagliano is always the one on call to fix problems as they come up. (The Washington Post, 8/4/2015) However, no emails between Pagliano and Clinton will be included in Clinton’s over 30,000 publicly released work emails, except for one where he wishes her a happy birthday. (US Department of State, 11/30/2015)

October 30, 2012: Pagliano wants State Department help for Clinton’s private server, but doesn’t get it.

IDL TIFF fileImage of Hurricane Sandy at 1:45 p.m. Eastern Daylight Time on October 28, 2012. (Credit: Earth Observatory / NASA)

IDL TIFF fileImage of Hurricane Sandy at 1:45 p.m. Eastern Daylight Time on October 28, 2012. (Credit: Earth Observatory / NASA)

Starting around October 28, 2012, Hurricane Sandy disrupts power in the New York City area for a few days, including the Chappaqua, New York, area where Clinton’s private email server is located. On October 30, an email exchange between Clinton’s deputy chief of staff Huma Abedin and another Clinton aide discusses that Clinton’s private server is down. Abedin’s main email account is hosted on the server.

Clinton’s computer technician Bryan Pagliano meets with staff from the department’s Information Resources Management (IRM) to find out if the department could provide support for Clinton’s server. Staffers tell Pagliano they can’t help because it is a private server.

This appears to be a very rare instance in which the existence of the server is mentioned to other department employees. (US Department of State, 5/25/2016)

November 2012: Clinton’s private email account is reconfigured to use Google’s servers as a backup in case her personal server fails.

Clinton checks her phone with Assistant Secretary of State for European Affairs Philip Gordon in Munich, Germany, on February 4, 2012. (Credit: Politico)

Clinton checks her phone with Assistant Secretary of State for European Affairs Philip Gordon in Munich, Germany, on February 4, 2012. (Credit: Politico)

This is according to Internet records; it is likely in response to the server crashing for several days after Hurricane Sandy one month earlier. The choice of Google is curious because Clinton herself claimed that in June 2011, the Chinese government tried to break into the Google email accounts of senior US government officials. (The Associated Press, 3/4/2015)

January 2013—May 31, 2013: Clinton uses an agent to find new management for her private server.

Tania Neild (Credit: public domain)

Tania Neild (Credit: public domain)

Tania Neild runs a company called InfoGrate that connects very wealthy people with companies who oversee their personal technologies, such as emails, and her company is based only about twenty miles from Clinton’s New York house. (Politico, 11/10/2015) (The Washington Post, 9/5/2015) 

An FBI report will later state that “due to user limitations and reliability concerns regarding the [existing] server, staff for [Hillary] Clinton and President [Bill] Clinton discussed future email server options, and a search was initiated to find a vendor to manage a Clinton email server. Additionally, [Clinton’s computer technician Bryan] Pagliano’s expressed desire to seek new employment contributed to the decision to move to a new server.”

Clinton will also be interviewed, and she will recall “that the transition to [a new company] was initiated by President Clinton’s aides seeking a higher level of service than could be provided by the [existing] server.”

Around January 2, 2013, Neild is introduced to Clinton’s chief of staff Cheryl Mills through an unnamed mutual business associate. Neild will later tell the FBI that she worked with Mills and Pagliano to produce a proposal to solicit responses from multiple companies. (Federal Bureau of Investigation, 9/2/2016)

January 2013, Platte River Networks, a small company based in Colorado, is told by Neild they are in he running for a new contract. In mid-February, they find out they are a finalist for the contract, and that they might be working for Clinton. They will be hired by Clinton to manage her private server on May 31, 2013. (Politico, 11/10/2015) (The Washington Post, 9/5/2015) 

01-2013AlexMcGeorgeNewsmax

Alex McGeorge (Credit: Newsmax)

Pagliano will later tell the FBI who made the final decision to pick Platte River. But this person’s name will be redacted, and only identified as someone working for President Clinton. (Federal Bureau of Investigation, 9/2/2016)

In retrospect, the choice of Platte River will seem to be an odd one. Cybersecurity expert Alex McGeorge will later comment, “My big issue here is do you want a small firm with little/no government experience or contracting (according to what’s being reported) and no stated security expertise to be in charge of the email system for our secretary of state? That is fundamentally ridiculous.” (Business Insider, 8/17/2015)

January 5, 2013: Someone accesses the email account of one of Bill Clinton’s staffers on the private server used to host Hillary Clinton’s emails.

130101TorLogopublic

The Tor Logo (Credit: public domain)

This is according to a FBI report that will be released in September 2016. It is known the staffer whose account gets breached is female, but her name will be redacted. The unnamed hacker uses the anonymity software Tor to browse through this staffer’s messages and attachments on the server.

The FBI will call this the only confirmed “successful compromise of an email account on the server.” But the FBI will not be able to determine who the hacker is or how the hacker obtained the staffer’s username and password to access her account. (Federal Bureau of Investigation, 9/2/2016)

Wired will later comment, “The compromise of a Bill Clinton staffer—who almost certainly had no access to any of then-Secretary Clinton’s classified material—doesn’t make the security of those classified documents any clearer. But it will no doubt be seized on by the Clintons’ political opponents to raise more questions about their server’s security.”

Dave Aitel (Credit: Immunity)

Dave Aitel (Credit: Immunity)

Clinton’s computer technician Bryan Pagliano is in charge of monitoring the server’s access logs at the time.

But Dave Aitel, a former NSA security analyst and founder of the cypersecurity company Immunity, will later comment that the breach shows a lack of attention to the logs. “They weren’t auditing and restricting IP addresses accessing the server. That’s annoying and difficult when your user is the secretary of state and traveling all around the world… But if she’s in Russia and I see a login from Afghanistan, I’d say that’s not right, and I’d take some intrusion detection action. That’s not the level this team was at.” (Wired, 9/2/2016)

When Pagliano is interviewed by the FBI in December 2015, he will claim that he knew of no instance when the server was successfully breached, suggesting he didn’t know about this incident. (Federal Bureau of Investigation, 9/2/2016)

And when Justin Cooper, a Bill Clinton aide who helped Pagliano manage the server, will be asked about the incident in September 2016, he will say he knew nothing about it until he read about it in the FBI report released earlier that month. (US Congress, 9/13/2016)

February 13, 2013: Clinton’s deputy chief of staff Huma Abedin signs a pledge that she has given all of her work-related documents back to the State Department, but she didn’t.

Huma Abedin on her cell phone in Londonderry, New Hampshire, on January 3, 2016. (Credit: Rick Friedman / Corbis)

Huma Abedin on her cell phone in Londonderry, New Hampshire, on January 3, 2016. (Credit: Rick Friedman / Corbis)

All State Department officials are required to sign the “separation statement” when they leave the department, known as the OF-109 form. However, Abedin has a private email address (huma@clintonemail.com) on the same private server that Clinton does, and when she leaves the department in February 2013 she does not turn over any of her emails from it, including work-related emails.

Her emails will not be handed over until a couple of years later, after various lawsuits and investigations. In signing the form, Abedin acknowledges she could be subject to “criminal penalties” for lying on the document.

The Hill will later report, “It’s unclear whether Abedin would be subject to prosecution, given the unusual nature of Clinton’s private email setup.” (The Hill, 11/13/2015) (US Department of State, 9/11/2015)

March 14, 2013: Guccifer accesses the email account of Clinton confidant Sid Blumenthal.

This is one of four Clinton-Blumenthal emails that Guccifer makes public in full, all printed in pink and with a large "G" for "Guccifer" added. Because it was sent on February 16, 2013, two weeks after Clinton's term as secretary of state ended, it has not been released elsewhere. It describes intelligence that prominent Saudis helped fund the 2012 Benghazi terrorist attack.

This is one of four Clinton-Blumenthal emails that Guccifer makes public in full, all printed in pink and with a large “G” for “Guccifer” added. Because it was sent on February 16, 2013, two weeks after Clinton’s term as secretary of state ended, it has not been released elsewhere. It describes intelligence that prominent Saudis helped fund the 2012 Benghazi terrorist attack.

Guccifer, an unemployed Romanian whose real name is Marcel-Lehel Lazar, breaks into the AmericaOnline (AOL) email account of Blumenthal. Guccifer does not have typical hacking skills but instead attempts to guess passwords and answers security questions. In recent months, he broke into the accounts of famous people, or the friends and family of famous people, including those of former secretary of state Colin Powell and former US president George W. Bush.

He takes screenshots of the text of emails of Clinton and Blumenthal discussing sensitive foreign policy issues during her time as secretary of state. He also takes a screenshot of Blumenthal’s inbox showing a list of the latest emails sent from Clinton.

In the next few days, the screenshots are made public, and for the first time, Clinton’s private email address hdr22@clintonemail.com is revealed to the world. (USA Today, 3/22/2013) (The Smoking Gun, 3/3/2015)