Former President Donald Trump’s presidential campaign said Saturday it had been hacked and suggested Iranian actors were involved in the theft and distribution of sensitive internal documents.
The campaign did not provide any specific evidence of Iranian involvement, but the claim comes a day after Microsoft released a report detailing attempts by foreign agents interfere in the American campaign in 2024.
In its report, Microsoft cites the case of an Iranian military intelligence unit that in June sent “a targeted phishing email to a senior presidential campaign official from a compromised email account of a former senior adviser.”
Trump campaign spokesman Steven Cheung blamed the hack on “foreign sources hostile to the United States.”
A National Security Council spokesperson told CBS News that it defers to the Justice Department on the matter.
“As we have said repeatedly, the Biden-Harris administration strongly condemns any foreign government or entity that attempts to interfere in our electoral process or seeks to undermine confidence in our democratic institutions,” the NSC spokesperson said in a statement.
Politico first reported the hack on Saturday. The outlet said it began receiving emails on July 22 from an anonymous account. The source — an AOL email account identified only as “Robert” — forwarded what appeared to be a research dossier the campaign had apparently compiled on Republican vice presidential nominee Sen. J.D. Vance of Ohio. The document was dated Feb. 23, nearly five months before Trump chose Vance as his running mate.
“These documents were obtained illegally” and “are aimed at interfering with the 2024 elections and wreaking havoc on our democratic process,” Cheung said.
He highlighted Microsoft’s report released Friday and its findings that “Iranian hackers compromised the account of a ‘senior official’ in the U.S. presidential campaign in June 2024, which coincides with the time frame close to President Trump’s selection of a vice presidential nominee.”
“The Iranians know that President Trump will end their reign of terror, just as he did during his first four years in the White House,” Cheung said, adding that “any media outlet or media organization that reproduces internal documents or communications is doing exactly what they want.”
In response to Microsoft’s report, Iran’s UN mission denied that it had any intention to interfere or launch cyberattacks during the U.S. presidential election. In July, U.S. officials from the Office of the Director of National Intelligence, the FBI, and the Department of Homeland Security said Microsoft had intentions to conduct cyberattacks in connection with the U.S. presidential election. indicated that Iran launched an influence campaign aimed at undermining Trump’s candidacy.
Cheung did not immediately respond to questions about the campaign’s interactions with Microsoft on the matter. Microsoft said Saturday it had no comment beyond its blog post and Friday’s report.
In the report, Microsoft said that “foreign malign influence regarding the 2024 US election started slowly but has gradually accelerated over the past six months driven initially by Russian operations but more recently by Iranian activity.”
The analysis continues: “Iranian influence operations through cyberattacks have been a consistent feature of at least the last three U.S. election cycles. Iran’s operations have been notable and distinct from Russian campaigns in that they appear later in the election season and use cyberattacks more focused on election-related outcomes than on influencing voters.”
“Recent activity suggests that the Iranian regime – as well as the Kremlin – may also be engaged in the 2024 elections,” Microsoft concludes.
Specifically, the report details that in June 2024, an Iranian military intelligence unit, Mint Sandstorm, sent a phishing email to a U.S. presidential campaign through the compromised account of a former adviser.
“The phishing email contained a fake redirect with a hyperlink that directs traffic through an actor-controlled domain before redirecting to the listed domain,” the report said.
Vice President Kamala Harris’ campaign did not immediately respond to a request for comment on the reported hack or the Democratic nominee’s cybersecurity protocols.