Former President Donald Trump’s presidential campaign said Saturday that it has been hacked and suggested Iranian actors were involved in stealing and distributing sensitive internal documents.
The campaign provided no specific evidence of Iran’s involvement, but the claim comes a day after Microsoft issued a report detailing foreign agents’ attempts to interfere in the U.S. campaign in 2024.
It cited an instance of an Iranian military intelligence unit in June sending “a spear-phishing email to a high-ranking official of a presidential campaign from a compromised email account of a former senior advisor.”
Trump campaign spokesperson Steven Cheung blamed the hack on “foreign sources hostile to the United States.” In a statement, a spokesperson for the National Security Council said it takes any report of improper foreign interference “extremely seriously” and condemns any government or entity that attempts to undermine confidence in U.S. democratic institutions, but said it deferred to the Justice Department on this matter.
Politico first reported Saturday on the hack. The outlet reported that it began receiving emails on July 22 from an anonymous account. The source — an AOL email account identified only as “Robert” — passed along what appeared to be a research dossier the campaign had apparently done on the Republican vice presidential nominee, Ohio Sen. JD Vance. The document was dated Feb. 23, almost five months before Trump selected Vance as his running mate.
“These documents were obtained illegally” and “intended to interfere with the 2024 election and sow chaos throughout our Democratic process,” Cheung said.
He pointed to the Microsoft report issued Friday and its conclusions that “Iranian hackers broke into the account of a ‘high ranking official’ on the U.S. presidential campaign in June 2024, which coincides with the close timing of President Trump’s selection of a vice presidential nominee.”
“The Iranians know that President Trump will stop their reign of terror just like he did in his first four years in the White House,” Cheung said, adding a warning that “any media or news outlet reprinting documents or internal communications are doing the bidding of America’s enemies and doing exactly what they want.”
In response to Microsoft’s report, Iran’s United Nations mission denied it had plans to interfere or launch cyberattacks in the U.S. presidential election.
Cheung did not immediately respond to questions about the campaign’s interactions with Microsoft on the matter. Microsoft said Saturday it had no comment beyond its blog post and Friday report.
In that report, Microsoft stated that “foreign malign influence concerning the 2024 US election started off slowly but has steadily picked up pace over the last six months due initially to Russian operations, but more recently from Iranian activity.”
The analysis continued: “Iranian cyber-enabled influence operations have been a consistent feature of at least the last three U.S. election cycles. Iran’s operations have been notable and distinguishable from Russian campaigns for appearing later in the election season and employing cyberattacks more geared toward election conduct than swaying voters.”
“Recent activity suggests the Iranian regime — along with the Kremlin — may be equally engaged in election 2024,” Microsoft concluded.
Specifically, the report detailed that in June 2024, an Iranian military intelligence unit, Mint Sandstorm, sent a phishing email to an American presidential campaign via the compromised account of a former adviser.
“The phishing email contained a fake forward with a hyperlink that directs traffic through an actor-controlled domain before redirecting to the listed domain,” the report states.
Vice President Kamala Harris’ campaign did not immediately respond to a request for comment on the reported hacking or on the Democratic nominee’s cybersecurity protocols.
___
Associated Press writers Mae Anderson in New York and Fatima Hussein in Rehoboth Beach, Delaware, contributed to this report.