An apparent hacking attempt on the Democratic National Committee’s voter database was a false alarm, the organization has said.
CNN and the Associated Press reported on Wednesday, citing an unnamed party official, that the political organization was warned of an attempt on its systems. DNC officials contacted the FBI after Lookout, a security firm, detected and reported a phishing page that replicated a login page for NGP VAN, a technology provider for Democratic campaigns.
But the party’s security chief quickly reversed its position Thursday, confirming that the phishing page was “simulated.”
“The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC… or any of our vendors,” said Bob Lord, DNC’s chief security officer, in a statement.
Just a day earlier, he briefed Democratic officials on the apparent incident in Chicago on Wednesday.
It’s believed that the Michigan Democratic Party asked a third party to conduct the test without clearance or authorization from the DNC, according to one reporter.
In the case of phishing attacks, hackers attempt to obtain the username and password for sensitive internal systems by tricking staff into entering their credentials on spoofed sites. Hackers can then reuse those credentials to log in themselves.
Disrupt 2026: The tech ecosystem, all in one room
Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register now to save up to $400.
Save up to $300 or 30% to TechCrunch Founder Summit
1,000+ founders and investors come together at TechCrunch Founder Summit 2026 for a full day focused on growth, execution, and real-world scaling. Learn from founders and investors who have shaped the industry. Connect with peers navigating similar growth stages. Walk away with tactics you can apply immediately
Offer ends March 13.
Mike Murray, Lookout’s vice president of security intelligence who originally informed the DNC of the phishing page, said in a tweet that, “you don’t know that they’re false until you’ve showed up to investigate.”
It’s not uncommon for political parties to store vast amounts of information on voters. Political parties and national committees often use the data to target voters with political messaging.
In recent years, several voter databases have leaked or were exposed on unprotected servers for anyone to find.
Earlier this week, Microsoft said it thwarted an attempt by a Russian-backed advanced persistent threat group known as Fancy Bear (or APT28) to steal data from political organizations.
Updated on August 23: With new information from the DNC, this story and its headline have been updated.
