More than 70,000 emails sent and received by the French President are available to view on the whistleblowing website
Wikileaks has published Emmanuel Macron’s leaked presidential campaign emails as a searchable archive, meaning millions of internet users will be able to access the 71,848 emails sent and received during Macron’s leadership bid.
The whistleblowing website revealed more than 20,000 of the emails were sent or received by addresses associated with the campaign, with the others emails it couldn’t verify.
Macron’s office said the now French President’s email account was hacked on 5 May – just a few days before he defeated second favourite candidate Marine Le Pen. This is despite the campaign team reportedly planting false data to try and fool any hackers from stealing the data.
Although it hasn’t been revealed who was responsible for the hack, security experts involved in Macron’s campaign have previously blamed Russians and researchers said the attack originated from a group known as APT28 or Fancy Bears.
This was the same group that apparently hacked the US Democrats last year during President Trump’s leadership bid and has triggered concern from security groups that are predicting the threat of political attacks is building.
“Not only must we protect the integrity of our electronic voting systems, but election data breaches are becoming all too common and can be devastating for a candidate and a nation at large,” said Ken Spinner, vice president of global field engineering at Varonis.
“Campaign data is a gold mine for hackers (donor lists, strategies, demographics, sentiment, opposition research), and leaks like this serve as yet another wake-up call to governments that cyber security needs to be a continual, central focus and investment at the highest levels.
“We’re seeing that political email leaks and demonstrating the vulnerability of democratic elections are extremely valuable to hackers, looking to disrupt government, enterprise, and the global economy.
He added that companies must ensure data is closed to everyone apart from those that need access to it and all access should be monitored and recorded, so if it is discovered someone has managed to infiltrate the system, they will be identified and investigated.