Ex-DHS chief confirms suspected Russian hackers targeted his email account

“If they have the ability to do that, what else did they have the ability to do?" Chad Wolf wondered on Monday.
Senate testimony
Acting Homeland Security Secretary Chad Wolf, then the Homeland Security acting secretary, testifying before a Senate panel in August (Flickr/Department of Homeland Security)

Former acting Homeland Security Secretary Chad Wolf on Monday confirmed news reports that the suspected Russian spies behind a multi-prong breach of federal networks had targeted his email account while in office.

“The fact that they got my email and knew that I was running late to meetings or I had a schedule change [was] not that big of a deal at the end of the day, but the overall access was,” Wolf said during a webinar hosted by the Heritage Foundation.

“If they have the ability to do that, what else did they have the ability to do? Or what else did we not have insight into?” added Wolf, who served as President Donald Trump’s last Homeland Security secretary before stepping down in January.

Wolf’s comments come after the Associated Press reported on March 29 that the suspected Russian hackers had accessed his email account and those of some Department of Homeland Security cybersecurity staffers. The attackers exploited software made by contractor SolarWinds, among other vendors, on their way to breaching at least nine U.S. federal agencies and about 100 companies, the White House has said. The breaches have prompted the Biden administration to call for more federal cybersecurity resources.


Wolf’s remarks on Monday underscored how little the federal government knew of the alleged Russian operation when it first came to light. Private firms — FireEye and Microsoft — and not intelligence agencies first alerted U.S. officials of the breaches.  

“There were a lot of unknowns at the time,” Wolf recalled. “A lot of the information we know now, we did not know then.”

As the days passed after DHS first learned of the incident, he added, the department’s Cybersecurity and Infrastructure Security Agency determined that a “number of specific offices,” including the DHS front office, were targeted.

U.S. officials said in January that the hacking campaign is “likely Russian in origin.” U.S. officials have indicated that more details on who carried out the activity would be made public, but it’s unclear when. Moscow has denied involvement.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts