Newt Gingrich is seen in front of The Heritage Foundation logo in 2012. | AP Photo Data breach: Heritage Foundation emails, donor info stolen

The Heritage Foundation suffered a data breach this week in which intruders swiped sensitive emails and donor information, the right-wing think tank confirmed Wednesday.

Some of those stolen files may have since started surfacing on the Internet.


"We experienced a malicious, unauthorized data breach of six-year-old documents on an external server that appear to contain personal information of private donors, who we are notifying,” said spokesman Wesley Denton. “We are unable to verify the authenticity of files circulated online.”

The breach occurred at the same time that the foundation’s multimedia news organization, the Daily Signal, has criticized the Obama administration and federal agencies such as the Office of Personnel Management over lax cybersecurity. One article in July was headlined “How Obama’s Poor Judgment Led to the Chinese Hack of OPM.”

Last month, Riley Walters, a research assistant at the Heritage Foundation’s Davis Institute for National Security and Foreign Policy, wrote that “the IRS breach, in addition to the OPM hack, continues to raise serious questions regarding the government’s competency in securing important information.”

Wednesday's news is a reminder that even organizations that warn of loose cybersecurity can suffer attacks themselves.

"Our internal servers were not part of this breach and we have taken — and will continue to take — all appropriate steps to ensure that our members have the ability to support public policy organizations free from intimidation," Denton said.

"All Americans have the right to support causes without fear of harassment, and that is why we respect and work to safeguard our supporters’ privacy,” he added. “The Heritage Foundation has over half-a-million members with diverse views who are united with a passion to advance conservative policies that make life better for all Americans.”

In 2012, then-House Intelligence Chairman Mike Rogers (R-Mich.) said think tanks were a juicy target for foreign intelligence services and were under a constant cyber espionage assault. Many of them employ well-connected former government officials, and their work provides a window into U.S. policy.

The Heritage Foundation, like many think tanks, has confronted cyberattacks before. In a 2012 USA Today story about the push by foreign countries to hack U.S. think tanks, a foundation spokesman said it had once fended off an attack it believed came from China.

Earlier this year, the Urban Institute think tank disclosed to charitable organizations that its National Center for Charitable Statistics, a system for filing taxes, had been breached. An estimated 600,000 to 700,000 organizations were affected.

And cybersecurity firm Crowdstrike last year said it had “detected multiple simultaneous compromises at several national security think tanks from an actor we call DEEP PANDA, one of the most advanced Chinese nation-state cyber intrusion groups.” Crowdstrike noted that to date, the group had mainly targeted think tank officials who focused mostly on Asia.

“This actor, who was engaged in targeting and collection of Southeast Asia policy information, suddenly began targeting individuals with a tie to Iraq/Middle East issues,” the firm wrote. “This is undoubtedly related to the recent Islamic State of Iraq and the Levant takeover of major parts of Iraq and the potential disruption for major Chinese oil interests in that country. In fact, Iraq happens to be the fifth-largest source of crude oil imports for China and the country is the largest foreign investor in Iraq’s oil sector.”

Denton would not comment on additional specifics about the breach. "We have a longstanding policy that we do not comment on private donor or internal staff communications,” he said.

Any information dating back six years would preclude the arrival of former Sen. Jim DeMint as president of Heritage, and predate the existence of Heritage Action, the Foundation’s advocacy arm. Heritage’s review thus far has found no evidence of credit card or bank information being breached.