Former DHS Secretary Details SolarWinds Hackers’ Access to His Email

Hackers executing a massive campaign that infiltrated his email were able to see aspects of his schedule and similar information—none of which was classified—said former acting Department of Homeland Security Secretary Chad Wolf.

“The fact that they got my email and knew that I was running late to meetings or I had a schedule change, not that big of a deal at the end of the day, but the overall access was,” Wolf said. “Obviously the access is what we were most concerned about. If they have the ability to do that, what else do they have the ability to do, or what else do we not have insight into?”

Wolf spoke at an event hosted by the Heritage Foundation Monday on the wide-scale breaches that occurred as a result of hackers leveraging their access to the ubiquitous IT management company SolarWinds to distribute trojanized software updates to its customers, and other means. The hackers, which U.S. officials have said are likely of Russian origin, compromised a slew of private companies and nine federal agencies, including Homeland Security.

Wolf described the moment when he got the news from leadership in the department’s Cybersecurity and Infrastructure Security Agency. 

“If something is underway, and it's usually on a scale, you know, a scale of one to 10, it's usually hovering around a two or three, kind of your daily things that they see, that they catch cyber criminals, malware, things of that nature,” he said. “In this case, it was obviously very different. This was a scale of around a nine on a 10 on how bad it is.” 

He said none of the email accounts that were compromised were classified and that CISA officials were aware of specific offices, including the front office, that were being targeted.

“It wasn’t the entire network,” he said.