September 2, 2015; Politico

Politico reports that a right-wing think tank suffered a data breach this week that nabbed sensitive emails and donor information, some of which may now be circulating on the Internet.

Heritage Foundation spokesperson Wesley Denton confirmed that the group “experienced a malicious, unauthorized data breach of six-year-old documents on an external server that appear to contain personal information of private donors, who we are notifying,” but he stopped short of verifying that the files appearing online were authentic.

Think tanks have a special allure for foreign hackers. Earlier in the year, NPQ reported on the hacking of the Urban Institute’s National Center for Charitable Statistics, which involved the files of 600,000–700,000 charities. Neither is this the first such attack on the Heritage Foundation: In 2012, a foundation spokesman told USA Today that it had once foiled an attack that was thought to have originated in China.

Denton refrained from getting into specifics. “We have a longstanding policy that we do not comment on private donor or internal staff communications,” he said.

The Daily Signal, which is the news outlet of the foundation, has taken the Obama administration and federal agencies such as the Office of Personnel Management to task for what it sees as lax cybersecurity. How embarrassing to live in a glass house when you just threw a bunch of stones! But this was not mentioned by Denton, who was busy portraying the foundation as on the case. “Our internal servers were not part of this breach and we have taken—and will continue to take — all appropriate steps to ensure that our members have the ability to support public policy organizations free from intimidation,” Denton said.—Ruth McCambridge