Future Tense

Report: Trump Organization Compromised by Hackers Four Years Ago, Just Discovered It This Week

The Trump Organization operates golf courses and hotels. 


Mother Jones published an investigation on Wednesday reporting that hackers were able to breach the Trump Organization’s web domain registration account in 2013, possibly allowing them to access its computer network and use its domains to launch malware attacks. The company was apparently unaware of the breach until this week.

An internet security researcher first informed Mother Jones of the hack two weeks ago, pointing to evidence that the unknown attackers were able to create at least 250 website subdomains using the Trump Organization’s GoDaddy domain account, according to the story. These subdomains, which include names such as bfdh.barrontrump.com and dxgrg.celebritypokerdealer.com, were purportedly associated with Russian IP addresses. (This does not necessarily indicate that the hacks were based in Russia.) People who visited the subdomains could have been fooled into divulging sensitive information and allowing malware to infect their computers.

In fact, several major research databases had identified these subdomains and IP addresses as potential conduits for malware in the past, yet Mother Jones suggests that it was only this week that the Trump Organization moved to disable the domains.

The Trump Organization replied to Mother Jones with the following statement:

There has been no “hack” within the Trump Organization and the domain names [in question] do not host active websites and do not have any content. Publishing anything to the contrary would be highly irresponsible. Moreover, we have no association with the “shadow domains” you reference … and are looking into your inquiry with our third party domain registrar. There is no malware detected on any of these domains and our security team takes any and all threats very seriously.

These new revelations suggesting lackluster cybersecurity at the Trump Organization follow a May Gizmodo investigation in which reporters found easily-hackable Wi-Fi networks at the Mar-a-Lago Club in Florida and the Trump National Golf Club in New Jersey. The reporters also found vulnerable Wi-Fi networks and weak security measures for sensitive databases at the Trump International Hotel in Washington and the president’s golf club in Virginia.

Besides his businesses, President Trump’s White House also came into question in August for its seemingly lax cybersecurity measures when staff members were tricked into exchanging emails with a prankster pretending to be administration VIPs such as Jared Kushner and Jon Huntsman. Later that month, a quarter of the National Infrastructure Advisory Council resigned partly due to alleged oversights in the administration’s cybersecurity practices.

Trump proclaimed October 2017 as “National Cybersecurity Awareness Month.”