WASHINGTON/NEW YORK: Emails accounts for a campaign group supporting Republicans running for the US House of Representatives were hacked before this year's congressional elections, according to a person familiar with the situation.
Hackers used stolen passwords to access a "small number" of National Republican Congressional Committee (NRCC) email accounts in a hack discovered around April, said the person, who was not authorized to discuss details of the attack.
The NRCC changed the passwords at its web-based email provider and took steps to prevent similar attacks, the person said.
The person declined to name the email provider and said the hackers did not penetrate the NRCC's own computer systems.
The NRCC confirmed it was the victim of a cyberattack by an unknown party, but declined to say what systems were affected.
"Upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter," NRCC spokesman Ian Prior said via email.
He did not elaborate.
The hackers used techniques that make them difficult to identify and officials have yet to determine whether they were aligned with a foreign government, said a second person familiar with the case.
The news was first reported by Politico, which said the NRCC learned about the attack from a vendor who alerted the committee and its cybersecurity contractor.
However senior Republican House leaders, including Speaker Paul Ryan and Majority Leader Kevin McCarthy, were not informed until contacted by the news site, Politico said.
An FBI spokeswoman declined comment.
A senior US Department of Homeland Security official told Reuters on Tuesday the agency had not been informed by the NRCC or FBI of such an attack.
A spokeswoman with the NRCC's cybersecurity contractor, CrowdStrike, declined to comment.
During the most recent election cycle, the NRCC raised more than US$174 million and spent most of the cash on advertisements trying to help Republicans in difficult races.