Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



Ex-Senate Employee Pleads Guilty to Theft of Personal Data

A former congressional staffer has pleaded guilty to five federal offenses that stem from illegally posting online the home addresses and telephone numbers of five Republican senators who backed Brett Kavanaugh’s Supreme Court nomination.

A former congressional staffer has pleaded guilty to five federal offenses that stem from illegally posting online the home addresses and telephone numbers of five Republican senators who backed Brett Kavanaugh’s Supreme Court nomination.

The Justice Department said in statement Friday that 27-year-old Jackson A. Cosko could face a prison term of at least 30 months and as much as 57 months. The offenses included making public restricted personal information, computer fraud, witness tampering and obstruction of justice.

Cosko was formerly employed as a computer systems administrator in the office of Sen. Maggie Hassan, D-N.H. The position gave him “intimate knowledge of, and broad access to” the computer systems in Hasan’s office, according to court records.

He was fired from the job in May 2018 for what Hassan’s office said was failing to follow office procedures and his access to the senator’s office and her computer systems was terminated. “We did not have reason to believe that he posed a risk,” a spokesman for Hassan said last year.

But court records said Cosko was angry over the termination and he began an “extensive computer fraud and data theft scheme that he carried out by repeatedly burglarizing Senator Hasan’s office.”

During these break-ins, Cosko copied dozens of gigabytes of data from Hassan’s computers, including dozens of user names and passwords belonging to Senate employees and “contact information for numerous sitting U.S. senators.”

In late September, while watching television coverage of Kavanaugh’s confirmation hearing before the Senate Judiciary Committee, Cosko became angry at several of the senators who are committee members. He acted on that anger, according to the court records, by “maliciously publishing” on Wikipedia the personal home addresses and telephone numbers of Republican senators Lindsey Graham of South Carolina, Mike Lee of Utah and Orrin Hatch of Utah. Hatch retired in January after 42 years in the Senate.

Advertisement. Scroll to continue reading.

Cosko intended for people who learned of the information to use it to intimidate the senators as well as members of their immediate families, according to the records. Cosko had the same goal in mind a few days later when he also published personal contact information for Senate Majority Leader Mitch McConnell and Sen. Rand Paul, both Kentucky Republicans.

The Justice Department statement and court records also described how Cosko threatened a witness who saw him at a computer in Hasan’s office on the night of Oct. 2. The witness, who isn’t identified by name, confronted Cosko and he left the office.

Cosko sent a threatening email to the witness later that evening that read, “I own EVERYTHING” and warned the person, “If you tell anyone I will leak it all.”

He was arrested the next day by U.S. Capitol Police.

Most recently, Cosko worked briefly as an unpaid intern in the office of Rep. Sheila Jackson Lee, D-Texas. The congresswoman fired him after his arrest.

Cosko is scheduled to be sentenced in Washington on June 13.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.