Hillary Clinton failed to report several hacking attempts, grew afraid of opening emails
Former Secretary of State Hillary Clinton's use of a secret email to conduct official business broke a number of department policies, an inspector general concluded in a report sent to Capitol Hill Wednesday that also suggests she used the account to try to hide her communications from the public.
The 83-page report, obtained by The Washington Times, is devastating in its evaluation of Mrs. Clinton's behavior, saying it can find no record of her getting approval from either security or legal staffers for her unique arrangement. The report also undercuts many of her campaign's explanations for her use of the system, dismisses comparisons to her predecessors' email use, and points to repeated hacking attempts that she failed to report.
After one of the 2011 hack attempts Mrs. Clinton's tech staffer shut the server down for a few minutes, hoping that would solve the situation, but quickly warned top aides not to send Mrs. Clinton "anything sensitive" after the attempted breach, according to the report, which was obtained by The Washington Times.
After another suspicious attempt Mrs. Clinton said she was scared to open email — but failed to report the matter.
"Notification is required when a user suspects compromise of, among other things, a personally owned device containing personally identifiable information," the investigators said. "However, OIG found no evidence that the Secretary or her staff reported these incidents to computer security personnel or anyone else within the Department."
At one point in 2010, Mrs. Clinton's emails were ending up in subordinates' spam filters because they were coming from a non-state.gov account. One of her top aides urged her to sign up for an official account or letting everyone in the department know of her address so she could be added as a verified account, but she refused, saying she didn't "want any risk of the personal being accessible."
In 2011, technology staffers proposed giving her an official department Blackberry to replace her personal device, which was malfunctioning. The staffers said she already had an official account, used to maintain her calendar, but said using it for email would make her messages subject to open-records requests. Her top personal aide, Huma Abedin, rejected the suggestion, saying it "doesn't make a whole lot of sense."
Mrs. Clinton, in a striking move, refused to cooperate with the probe. All of her colleagues did: current Secretary John Kerry and former Secretaries Colin Powell, Condoleezza Rice and Madeleine Albright.
Mrs. Clinton's staff was also reluctant, the investigators said. Her chief of staff, deputy chiefs of staff and her technology gurus all refused to cooperate with the probe.
The emails have proved damaging to Mrs. Clinton, the frontrunner for the Democratic presidential nomination.
Her campaign didn't immediately respond to a request for comment Wednesday morning, but her spokesman posted a Twitter message saying the report "makes clear her personal email use was not unique at State Dept."
Mrs. Clinton has said her use of the secret email account was not a good choice, but has insisted she did not break any laws and did not risk secure information.
The new report lays out many of the details of Mrs. Clinton's server. The domain name clintonemail.com was registered on Jan. 13, while she was still serving in the Senate and before she was confirmed to be secretary on Jan. 21.
State Department staffers were repeatedly asked to help solve problems with Mrs. Clinton's server and her devices, such as her Blackberry — particularly in trying to communicate between her secret address and the state.gov accounts used by most of her subordinates.
But the inspector general was unable to discover who gave the final approval for Mrs. Clinton to use the odd arrangement. The department's legal office said it was not asked to review or approve the setup, and was unaware of anyone else approving it — though some of them did email Mrs. Clinton on her secret account.
Democrats have pointed to Mr. Powell, who also used a personal email account while at the department, as precedent for Mrs. Clinton's actions.
"The Inspector General confirmed what we have known all along — that Secretary Clinton followed the practice of her predecessor when she used a personal email account," said Rep. Elijah E. Cummings, ranking Democrat on the House Oversight Committee. "While Secretary Clinton preserved and returned tens of thousands of pages of her emails to the Department for public release, Secretary Powell returned none. Republicans need to stop wasting taxpayer dollars singling out Secretary Clinton just because she is running for President."
But the inspector general said the IT environment was fluid during Mr. Powell's time in office, and had firmed up substantially by the time Mrs. Clinton took office.
During her tenure, the department specifically warned employees not to send information deemed "sensitive but unclassified" outside of the internal network, and said if they needed to do so, they should speak with tech staffers to work out a solution. Mrs. Clinton never did so.
"OIG found no evidence that Secretary Clinton ever contacted IRM to request such a solution, despite the fact that emails exchanged on her personal account regularly contained information marked as SBU," the investigators said.