Hillary Clinton has insisted that the homebrew email server she used as secretary of state didn’t put national security at risk — even as an FBI investigation continues.
Now, security experts are coming forward with their most damning accusations yet. Clinton’s reckless misuse of secret government information may have outed U.S. spies to hostile foreign governments.
The names of CIA personnel could have been compromised by hackers and foreign governments who penetrated Clinton’s private computer server, security experts say.
Clinton, the presumptive Democratic presidential nominee, turned over to the State Department 55,000 emails from her private server that were sent or received when she was secretary of state. Some contained information that has since been deemed classified, and those emails were redacted for public release with notations for the reason of the censorship.
At least 47 of the emails contain the notation “B3 CIA PERS/ORG,” which indicates the material referred to CIA personnel or matters related to the agency. And because Clinton’s server was vulnerable to hacking, we should assume that hackers (and the governments they work for) have the original, uncensored emails identifying CIA employees.
“Start with the entirely plausible view that foreign intelligence services discovered and rifled Hillary Clinton’s server,” said Stewart Baker, a Washington lawyer who spent more than three years as an assistant secretary of the Homeland Security Department and is former legal counsel for the National Security Agency.
If so, those infiltrators would have copies of all her emails. In those original emails, the names are not flagged as being linked to the CIA.
But in the process of publicly releasing the emails, classification experts seem to have inadvertently provided a key to anyone who has the originals. By redacting names associated with the CIA and using the “B3 CIA PERS/ORG” exemption as the reason, “Presto — the CIA names just fall off the page,” Baker said.
And if discovered, any undercover U.S. spies could be detained or even killed.
The CIA declined to comment.
A U.S. official said the risk of the names of CIA personnel being revealed in this way is “theoretical and probably remains so at this time.” The official, who did not have the authority to publicly address the matter, spoke on condition of anonymity and would not elaborate.
Clinton has acknowledged that the email server, set up in the basement of her New York home, was a mistake. But she says she never sent or received anything that was marked classified at the time of transmission. Clinton, who was secretary of state from 2009 to 2013, insists the personal server she used was never actually breached.
Reporters discovered last year that Clinton’s private server was directly connected to the internet in ways that made it more vulnerable to hackers. A recent State Department inspector general’s report indicated the server was temporarily unplugged by a Clinton aide at one point during attacks by hackers, but her campaign has said there’s no evidence the server was hacked.
Another State Department inspector general report revealed that hacking attempts forced Clinton off her private email at one point in 2011.
Baker points out another instance where Clinton’s server might have been hacked.
A March 2, 2009, email warned against State Department officials using Blackberries. Eric Boswell, assistant secretary of state, says the “vulnerabilities and risks associated with the use of Blackberries … considerably outweigh their convenience.”
Nine days later, another email states that Clinton approached Boswell and says she “gets” the risk. The email also said: “Her attention was drawn to the sentence that indicates we (the diplomatic security office officials) have intelligence concerning this vulnerability during her recent trip to Asia.”
By ignoring the warnings, Clinton may have betrayed U.S. spies.
If she did, she could face serious jail time.
The Associated Press contributed to this article.