Republican Donors’ Payment Card Information At Risk

Republican Donors’ Payment Card Information At Risk

October 24, 2016         Written By Bill Hardekopf

With the general election just a few weeks away, Republican donors received some bad news.

First, anyone who donated to Senate Republicans in the past six months may have had their credit card information stolen, as the National Republican Senatorial Committee (NRSC) was infected with malware in March.

Dutch security researcher Willem de Groot, who was the first to report the breach, said the attackers were able to use security vulnerabilities and weak passwords to infect the NRSC systems with malware. The organization was one of 5,900 ecommerce sites targeted by the group.

Since the initial attack, only 630 websites have rid their systems of the malware, according to de Groot. He also said 754 of these websites could have been attacked as early as 2015. The malware can go undetected for a long period because it is silently installed in a webpage’s code and appears normal to an untrained eye. It can also run on secure “https” pages.

“One reason that many hacks go unnoticed is the amount of effort spent on obfuscating the malware code,” said de Groot. “Earlier malware cases contained pretty readable Javascript but in the last scan more sophisticated versions were discovered. Some malware uses multi-layer obfuscation, which would take a programmer a fair bit of time to reverse engineer.”

In other donor-related news, the Center for Public Integrity reported this weekend that a pro-Donald Trump super PAC may also have been the source of a data breach but not because of a hack. Thursday night, the Great America PAC allegedly published the credit card numbers and expiration dates of 49 donors by mistake. The Center for Public Integrity found the credit card numbers as they were reviewing the super PAC’s September Federal Election Commission (FEC) campaign finance disclosures.

This comes one month after the super PAC erroneously revealed the cell phone numbers and/or email addresses of 336 of its donors.

Dan Backer, Great America PAC’s treasurer, blamed “an isolated software glitch in an otherwise automated process” for the mistake.

Backer said he would contact affected donors and encourage them to cancel their credit cards. He would also offer a “long-term extended identity theft monitoring and protection” and give a refund to anyone who requested one.

“Going forward, there’s going to be some unpleasant conversations with the compliance staff about these issues,” Backer added.

The information contained within this article was accurate as of October 24, 2016. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About Bill Hardekopf

Bill Hardekopf is the CEO of and covers the credit card industry from all perspectives. Bill has been involved with personal finance for over 15 years. He is a frequent contributor to Forbes, The Street and The Christian Science Monitor.
View all posts by Bill Hardekopf
Featured Low Interest Card
Top Features : 1.25X miles on every purchase; no annual fee; bonus of 20,000 miles once $1,000 is spent in first 3 months
Featured No Annual Fee Card
Top Features : Earn cash back twice. 1% when you buy plus 1% as you pay; 0% APR for 18 months on balance transfers
Featured Bad Credit Card
Top Features : No Annual Fee; Cash Back match at the end of your first year; Social Security Alerts
Featured Fair Credit Card
Top Features : No annual fee; access to higher credit line after making first 5 monthly payments on time
Featured Limited/No Credit
Top Features : No annual fee; reports to major credit bureaus; access to higher credit line after making first 5 monthly payments on time
Featured Cash Back Card
Top Features : No Annual Fee, Bonus Offer, Cash Back