BuzzFeed Subpoenas Companies for DNC Hacking Information

The online news outlet BuzzFeed has subpoenaed the internet firm Bitly and the cybersecurity company Secureworks as part of its efforts to defend itself against a libel suit brought against the outlet over its decision to publish a collection of memos alleging ties between U.S. President Donald Trump and Russia.

According to legal documents reviewed by Foreign Policy, BuzzFeed is seeking technical information from the two companies related to the hacking attacks on Democratic Party leadership, the Hillary Clinton campaign, and staffers including John Podesta in the run-up to the 2016 election.

Aleksej Gubarev, a Russian technology executive, sued BuzzFeed for libel in February after the news organization published the memos authored by former British spy Christopher Steele. Those memos include claims — strongly denied by Gubarev — that he and his companies were recruited by the Kremlin’s security organs to break into Democratic Party computer systems ahead of the 2016 election.

The memos, part of a so-called dossier, circulated widely among journalists and American officials in the fall of 2016. After CNN reported in January 2017 that Trump was briefed on the dossier, BuzzFeed published it in full, prompting Gubarev’s lawsuit.

BuzzFeed’s lawyers are now seeking technical information held by the two firms to determine whether there is any truth to Steele’s allegation that Gubarev and his company played a role in breaking into the Democratic National Committee (DNC).

“The subpoena seeks information on what Bitly knows about how its links were used to hack various targets throughout 2016,” said Matt Mittenthal, a spokesman for BuzzFeed.

“We would be remiss if we didn’t use every tool to determine the truth of what actually happened — and whether, as the dossier claims, Mr. Gubarev’s servers were behind the DNC hack,” Mittenthal added.

A spokesperson for Bitly said the company does not comment on particular legal cases but said it complies “with valid and applicable subpoena requests after careful internal review.”

A spokesperson for Secureworks said the company does not comment on ongoing litigation.

Hackers working on behalf of the Russian government are believed to have used Bitly — a service for shortening links — to hack into the email accounts of Democratic operatives. Bitly allows its users to input a web address, and get a shorter version of that link.

That shortened link disguises the actual website a user will visit when he clicks the link, and can be used by hackers to visit sites laced with malicious software.

Gubarev’s lawyers dismissed BuzzFeed’s latest subpoenas as a fishing expedition. “Buzzfeed is looking for this information in the hope that they can prove that our clients were involved with the hack into the DNC so that they can justify what they published without doing any investigation,” said Evan Fray-Witzer, one of the lawyers representing the Russian technology executive. “The problem that they’re going to have is that our clients weren’t involved, so they can subpoena whomever they like – it won’t change the simple fact that they libeled our clients.”

BuzzFeed’s effort to verify elements of the dossier runs in parallel with ongoing U.S. government investigations examining some of the same issues.

A January report by the American intelligence community concluded that Russian operatives broke into the email accounts of Democratic officials as part of their effort to boost Trump’s electoral prospects. Emails and documents stolen from those accounts were later published online on a variety of websites, including WikiLeaks.

In June 2016, Secureworks published a public report documenting how hackers likely working on behalf of Russian intelligence used Bitly to target the email accounts of Democratic Party operatives.

According to the Secureworks research, the hackers appear to have inadvertently used a public Bitly account to send malicious links to Democratic officials. When clicked, those links took targeted users to a page where they would be prompted to input their email and password.

Using the Bitly data, Secureworks researchers were able to examine who the links targeted and how many times they had been clicked.

BuzzFeed is asking Secureworks to turn over the technical data and other material that served as the basis of their report.

These latest subpoenas in the case are part of a flurry of legal activity related to Gubarev’s libel suit. BuzzFeed’s lawyers are also attempting to compel the government to answer questions about whether law enforcement and intelligence officials reviewed the Steele dossier and whether it contributed to its investigations of Russian meddling in the 2016 election.

Separately, Gubarev’s legal team is attempting to compel a slew of news outlets to give up information about how they obtained copies of the dossier. Those efforts have so far been unsuccessful.