Former senator Hassan aide stole gigabytes of ‘high value’ data | InfoWatch

You are here

Former senator Hassan aide stole gigabytes of ‘high value’ data

A former IT aide to New Hampshire Democratic Sen. Maggie Hassan mounted an “extraordinarily extensive data-theft scheme” against the office, as the culprit’s plea agreement states, The Daily Caller writes.

The plot included the installation of tiny “keylogging” devices that picked up every keystroke. Between July and October 2018, former IT aide Jackson Cosko worked with an unnamed accomplice, a then-current Hassan employee, who repeatedly lent him a key that he used to enter the office at night and who allegedly tried to destroy evidence for him.

Cosko accepted responsibility for the events revealed by federal prosecutors in court Friday.

A statement of facts that Cosko agreed to says that from July to October 2018, he “engaged in an extraordinarily extensive data-theft scheme, copying entire network drives, sorting and organizing sensitive data, and exploring ways to use that data to his benefit,” arranging it into folders such as “high value.”

The theft occurred after Cosko was fired from Hassan’s office in May 2018 for undisclosed reasons, then hired by Democratic Texas Rep. Sheila Jackson Lee, giving him access to the House computer network.

“The defendant gained access to Senator Hassan’s Office by unlawfully obtaining keys from a staffer who was (at the time) still employed in the Office” and using it to repeatedly burglarize the office. He placed small, unobtrusive devices on at least six Senate computers that captured every keystroke, including usernames and passwords which he would then use to access further documents.

He repeatedly sneaked into her office late at night and gathered dozens of gigabytes of data including dozens of usernames and passwords belonging to Senate employees, tens of thousands of emails and internal documents, credit card information belonging to Senate employees, social security numbers belonging to Senate employees, personally identifying information belonging to hundreds of other persons (presumably constituents) and private phone numbers and home addresses of senators.

In October 2018, he used information stolen from Hassan’s office to doxx Republican Utah Sens. Orrin Hatch and Mike Lee as well as Republican South Carolina Sen. Lindsey Graham. Republican Kentucky Sen. Rand Paul later called for punishing the then-unknown offender. Cosko then doxxed Paul and Senate Majority Leader Mitch McConnell. “The defendant published that information maliciously, with the intent to intimidate the Senators,” the plea agreement says.

On October 2, Cosko again borrowed a key from the accomplice who knew “that the defendant intended to unlawfully enter the Senator’s Office that night.” At 10p.m., went back to Hassan’s office for more data, but was caught in the act by another Hassan staffer, who he then threatened: “If you tell anyone I will leak it all. Emails, signal conversations, gmails,” he said.

The next day, Cosko met with his accomplice, referred to as Subject A, and returned his key and “told Subject A to wipe down all of the computers, keyboards and computer mice.” But a third witness nearly caught him in the act, so the accomplice texted Cosko: “Hey So I was able to wipe down the keys and mouse but [witness 3] was coming so I could [not] do the other thing.”