The Democratic National Committee said Thursday that what it initially believed to be a “sophisticated attempt” to gain access to its voter information was actually just a test.
The DNC first revealed the attack, which involved a fake login page in an attempt to gather usernames and passwords, on Wednesday and said it had reported the incident to law enforcement. But Bob Lord, the DNC’s chief security officer, released a clarifying statement that evening saying the incident appeared to be an unauthorized test.
“We, along with the partners who reported the site, now believe it was built by a third party as part of a simulated phishing test on VoteBuilder,” Lord said in the statement. “The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors.”
The Michigan Democratic Party authorized the test, The Washington Post reported and the chair of the state party confirmed Thursday.
“In an abundance of caution, our digital partners ran tests that followed extensive training. Despite our misstep and the alarms that were set off, it’s most important that all of the security systems in place worked,” Brandon Dillon, the chair of the state Democratic Party, said in a statement.
The incident comes amid heightened concern over foreign meddling in U.S. elections after Russia’s interference in the 2016 election. Hackers linked to Russia breached the DNC in 2016.
Artificial intelligence developed by the mobile security firm Lookout first identified the phishing on Monday evening, about 30 minutes after it began. Officials at the company quickly contacted the cloud service hosting it. The two groups, along with NGP VAN, the group that hosts DNC voter information, took it offline after a few hours.
Lord said in his statement that the DNC “took the necessary precautions” to ensure that no data was compromised.
“There are constant attempts to hack the DNC and our Democratic infrastructure, and while we are extremely relieved that this wasn’t an attempted intrusion by a foreign adversary, this incident is further proof that we need to continue to be vigilant in light of potential attacks,” he said.
This article has been updated with information about the Michigan Democratic Party authorizing the test.