The State Department’s Inspector General has concluded that Hillary Clinton and her senior aides ignored repeated warnings that her private email system was vulnerable to hackers when she was Secretary of State. The IG also finds, in the report set to be released Thursday morning, that Clinton failed to comply with Federal Records Act requirements to turn over her work e-mails when she left office in 2013.

The report, copies of which were provided to the State department and Congress ahead of its public release, will drive continued criticism of Clinton’s unorthodox e-mail arrangement as she seeks the White House, and could fuel civil cases brought by watchdog groups seeking access to her e-mails.

The IG found evidence that hackers tried to breach Clinton’s server, but were unsuccessful. The report finds that the technical specialist Clinton used to manage the server had twice shut the system down when it came under attack. On January 9, 2011, the report says, the specialist wrote a top Clinton aide that “someone was trying to hack us and while they did not get in i didn’t want to them them have the chance to.” Another attack occurred later the same day, the report says.

The FBI has been investigating since last August how classified information made it onto Clinton’s unclassified private server. The investigation is in its final stages and there is no indication criminal charges against anyone are likely, or that classified information was compromised or that the system was actually breached. Clinton’s senior aides have been interviewed by the FBI, and the former Secretary is expected to be interviewed soon.

Clinton’s critics have accused her of endangering national security and intentionally thwarting rules and laws enforcing government transparency. In a statement, her campaign said that “there is no evidence of any successful breach of the Secretary’s server” and that “Clinton’s use of personal email was not unique, and she took steps that went much further than others to appropriately preserve and release her records.”

The Federal Records Act requires government officials to comply with rules that they hand over all their work e-mails to their employers when they leave government. Clinton only turned over more than 30,000 pages of work e-mails to the State Department 21 months after she stepped down in 2013.

The State IG report says Clinton responded in person to a top department security official in 2009 after he sent a classified memo to her chief of staff describing the vulnerability of Blackberry devices to hackers. The report also says Clinton received a March 11, 2011 email from the State cyber security team warrning of a “dramatic increase since January 2011 in attempts by [redacted] cyber actors to compromise the private home e-mail accounts of senior Department officials.”

Multiple organizations are suing the State Department for access to Clinton’s e-mails, and some claim she intentionally thwarted the Freedom of Information Act in keeping all her work e-mails on her private server. One group, Judicial Watch, has asked a federal judge to subpoena all of Clinton’s e-mails to ensure she isn’t hiding anything. The judge in that case has said he may subpoena all her documents, potentially including any recovered personal e-mails which Clinton sent and received on the system.

Preventing those personal e-mails from becoming public appears to have been a contributing factor in why Clinton set up the private server to begin with, according to one e-mail exchange made public by the State IG report. In November 2010, the report says, Clinton’s Deputy Chief of Staff emailed her that “we should talk about putting you on state email or releasing your email address to the department.” Clinton responded, “Let’s get separate address or device but I don’t want any risk of the personal being accessible.”

[scribd id=313803483 key=key-YfeQ5372RM7YyrSLz4qh mode=scroll]

Get our Politics Newsletter. The headlines out of Washington never seem to slow. Subscribe to The D.C. Brief to make sense of what matters most. Please enter a valid email address. Sign Up Now Check the box if you do not wish to receive promotional offers via email from TIME. You can unsubscribe at any time. By signing up you are agreeing to our Terms of Use and Privacy Policy . This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. Thank you! For your security, we've sent a confirmation email to the address you entered. Click the link to confirm your subscription and begin receiving our newsletters. If you don't get the confirmation within 10 minutes, please check your spam folder.

Contact us at letters@time.com.