Hacker Guccifer claims to have easily breached Hillary Clinton’s email twice

library
crime | hacking | security

Guccifer, the infamous and now-imprisoned hacker of the stars, is claiming to have easily breached Hillary Clinton’s email server in 2013.

Twice, in fact.

Fox News interviewed the Romanian hacker from a Virginia jail where he’s being held after being arrested in 2014 and extradited to the US on or around 31 March to face a nine-count federal indictment on computer hacking charges.

In 2014, Guccifer was indicted by a US federal grand jury on charges of wire fraud, unauthorized access to a protected computer, aggravated identity theft, cyberstalking and obstruction of justice.

As Reuters reported in March, Lehel was sentenced in 2014 by a Romanian court to four years in jail for illegally accessing email accounts of public figures “with the aim of getting … confidential data” and is serving another three-year term for other offenses.

Guccifer, whose real name is Marcel Lehel Lazar, grabbed a slew of stuff from celebrities over his star-studded career, including ex-US President Bush’s self-portrait in the bathtub, former US Secretary of State Colin Powell’s Facebook account, emails that portrayed Powell as having an affair with Romanian politician Corina Cretu (which he denied), and even the script for the Downton Abbey finale.

Now, if what Guccifer claims proves true, we can add an item to that list. It’s one of considerable interest to the FBI: the emails of former secretary of state and current presidential hopeful Hillary Clinton.

From a recorded conversation in which Fox asked Lazar if it was hard or easy to break into Clinton’s server:

No, for me, was easy, was easy. For me, for everybody.

And a more poetic quote from an interview Lazar did with NBC News while he was still in a Bucharest prison:

It was like an open orchid on the internet. … There were hundreds of folders.

Last month, Guccifer’s potential involvement in the FBI’s year-long investigation into Clinton’s possible mishandling of classified information when she was secretary of state first became known.

Clinton’s use of a personal account – clintonemail.com – first came to light in 2013, when Guccifer breached the email account of one of Clinton’s closest confidants and advisors, Sidney Blumenthal, while she was secretary of state.

In March 2013, Lazar released to the media multiple exchanges between Blumenthal and Clinton.

Over the course of a half-hour jailhouse interview and phone calls, Guccifer provided what Fox News calls “extensive” details of how he breached the private, unsecured server – located in Clinton’s home in Chappaqua, New York – that held emails she’d had diverted from a secure government server while secretary of state.

To get into Blumenthal’s email account, he first researched his target. Part of his research on targets reportedly included reading their biographies. Then, he correctly guessed at Blumenthal’s security question, he told Fox.

The station said that it hasn’t independently verified Lazar’s claims.

Lazar also told Fox what he found when he breached Clinton’s server, “like, twice.” Apparently, it struck him as pretty boring stuff at the time: he described the contents as “not interesting.”

I was not paying attention. For me, it was not like the Hillary Clinton server, it was like an email server she and others were using with political voting stuff.

Brian Fallon, national press secretary for Clinton’s presidential campaign, told NBC that Guccifer’s claims were baseless:

There is absolutely no basis to believe the claims made by this criminal from his prison cell. In addition to the fact that he offers no proof to support his claims, his descriptions of Secretary Clinton’s server are inaccurate. It is unfathomable that he would have gained access to her emails and not leaked them the way he did to his other victims.

We have received no indication from any government agency to support these claims, nor are they reflected in the range of charges that Guccifer already faces and that prompted his extradition in the first place. And it has been reported that security logs from Secretary Clinton’s email server do not show any evidence of foreign hacking.