Security Experts:

Connect with us

Hi, what are you looking for?



NSA Contractor Charged With Leaking Russia Hacking Report

A federal contractor has been charged with removing classified material from a government facility and mailing it to a news outlet, the U.S. Department of Justice announced on Monday.

A federal contractor has been charged with removing classified material from a government facility and mailing it to a news outlet, the U.S. Department of Justice announced on Monday.

Reality Leigh Winner, 25, of Augusta, Georgia, had worked as an NSA contractor with Pluribus International Corporation since mid-February. Winner allegedly abused her top secret clearance to access a classified intelligence report, which she printed and mailed to a news outlet that has not been named by authorities.

The news outlet in question is said to be The Intercept, which published an article on Monday based on top secret NSA documents claiming that hackers linked to Russia’s military had repeatedly attempted to break into U.S. voting systems before last year’s presidential election. The Intercept said it obtained the NSA materials from an anonymous source.

According to court documents, reporters informed intelligence officials of their intention to publish an article. The copy of the document provided by the news outlet to officials was “folded and/or creased,” which allowed government investigators to determine that the document had been printed and physically carried out of the facility.

An internal audit showed that a total of six individuals had printed the leaked report and one of them was Winner. An analysis of the desk computers used by these six individuals revealed that Winner had contacted the news outlet via email.

The FBI obtained a search warrant for Winner’s residence, and authorities said the woman admitted printing the report and mailing it to the news organization, despite knowing that the material was classified.

Winner printed the classified report on May 9 and mailed it a few days later. She was arrested by the FBI on June 3 and on Monday she was charged with removing classified material from a government facility and mailing it to a news outlet.

“Exceptional law enforcement efforts allowed us quickly to identify and arrest the defendant,” said Deputy Attorney General Rod J. Rosenstein. “Releasing classified material without authorization threatens our nation’s security and undermines public faith in government. People who are trusted with classified information and pledge to protect it must be held accountable when they violate that obligation.”

The article published by The Intercept based on documents provided by Winner revealed that hackers associated with Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate (GRU), sent spear-phishing emails to employees of VR Systems, a Florida-based vendor of electronic voting services and equipment, in order to trick them into handing over their credentials.

The hackers then used the compromised credentials to deliver malware to local government employees by posing as the vendor. It’s unclear, however, if this phase of the attack was successful.

The United States has officially accused Russia of attempting to interfere with its presidential elections, but Moscow has repeatedly denied the accusations. Last week, Putin once again denied that the Russian government is involved in hacking operations, but admitted that patriotic hackers could launch politically motivated attacks against “those speaking ill of Russia.”

The U.S. is currently conducting an investigation to assess the impact of cyberattacks on the outcome of the elections, but Putin is convinced that hackers cannot influence an election campaign.

Related: DHS Uses Cyber Kill Chain to Analyze Russia-Linked Election Hacks

Related: Trump’s Intel Bosses Reiterate – Russia Meddled in Election

Related: Ex-CIA Chief Says He Warned Russia to Stay Out of Election

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.