Emails stored on Hillary Clinton’s unsecured personal server may have put Central Intelligence Agency personnel at risk, according to security experts.
At least 47 of the 55,000 emails Clinton turned over to the State Department contained the words “B3 CIA PERS/ORG,” the Associated Press reported Wednesday, indicating that the email contained information on CIA personnel or the agency itself.
The tranche of emails from the private server were from the time period when Clinton served as secretary of state. Many of the emails contained information that has since been classified; this information was redacted prior to public release.
“Start with the entirely plausible view that foreign intelligence services discovered and rifled Hillary Clinton’s server,” Steward Baker, a former Homeland Security Department assistant secretary and former legal counsel for the National Security Agency, told the Associated Press.
Should Clinton’s server have been infiltrated by adversaries, they would have all of her emails without the names flagged. It is the redaction process that would give those hackers the key to finding the names of CIA personnel. By exempting the “B3 CIA PERS/ORG” emails from release, reviewers inadvertently told the hackers which emails contain CIA information.
A U.S. official speaking to the AP on the condition of anonymity has said the risk to CIA personnel is currently “theoretical and probably remains so at this time.” The official did not have authority to speak publicly on the matter.
If any CIA identities were revealed due to the release, they may not necessarily belong to operatives working undercover. Many CIA operatives working abroad utilize either official cover or non-official cover. Those working under non-official cover utilize pseudonyms.
John Schindler, a former NSA operative and current columnist for the Observer, wrote about this development back in February, noting that interviews he had done with intelligence officials revealed that Clinton’s actions had put CIA officials at risk.
“Discussions with Intelligence Community officials have revealed that Ms. Clinton’s ‘unclassified’ emails included Holy Grail items of American espionage such as the true names of Central Intelligence Agency intelligence officers serving overseas under cover,” wrote Schindler.
Should foreign governments discover the true names of non-official cover operatives, the results could be predictably dire for U.S. intelligence capabilities.
“People really go to jail for breaking this law,” he continued, citing the case of John Kiriakou, a CIA officer who spent two years in prison for divulging classified information that exposed a CIA colleague who was operating under cover.
Clinton maintains that she never sent or received information marked as classified while using the private server. She has also claimed the server was never breached by hackers.
Despite her claims, a Romanian hacker known as “Guccifer” (true name Marcel Lehal Lazar) pleaded guilty in May to federal charges for hacking Clinton’s server. He has described the server as “completely unsecured” and compared it to “an open orchid on the internet.”
He also noted that “10 others” of unknown origin had access “from other parts of the world.”
A State Department inspector general report has also contradicted Clinton’s claims, noting that a State Department aid at one point unplugged the server due to hacking attacks.
At least two of the emails sent to the server were designated as “top secret” included information on North Korea’s nuclear program. A total of 22 were previously marked top secret, and were not provided to the public. A total of 2,093 are considered “confidential” or “secret.”
IG reports from 2011-2014 have said that the State Department’s cybersecurity measures were also severely lacking. A 2014 intrusion into the State Department’s unclassified email server by hackers linked to Russia required the entire system to be shut off while system administrators fixed the problem.
This report, by Russ Read, was cross-posted by arrangement with the Daily Caller News Foundation.