A group believed to be linked to a foreign cyber unit has claimed responsibility for accessing private communications related to former President Trump’s 2024 campaign. The group is now threatening to release more data allegedly taken from individuals close to Trump, including senior advisors and political associates.
According to a report published Monday, cybersecurity officials labeled the effort a coordinated attempt to damage public figures through unauthorized access and distribution of private material. The report coincided with the release of a government bulletin warning that actors associated with foreign entities may be targeting U.S. organizations and infrastructure.
Over the weekend, the group—using the alias “Robert”—told a news outlet that it has acquired approximately 100 gigabytes of data, including emails linked to Trump campaign staff and other individuals. The group mentioned the possibility of selling the information but provided no specifics on the contents.
In an earlier case, federal prosecutors had linked the same group to prior breaches of political networks. Officials say that a state-run security organization played a central role in overseeing those operations.
A spokesperson for the Cybersecurity and Infrastructure Security Agency responded to the latest claims, calling the incident a deliberate attempt to create confusion and mistrust through unverified digital content. The agency described the activity as a form of influence operation targeting American institutions and public servants. The spokesperson emphasized that those responsible would be identified and held accountable through legal channels.
During the previous election cycle, experts noted that threat actors from certain foreign countries had engaged in more aggressive digital activity than in earlier years. Independent research firms observed multiple campaigns involving misinformation and data breaches that were believed to be aimed at affecting public opinion and the election process.
The individuals behind the alleged data access stated they had no additional plans for further incidents until recent international conflict escalated regional tensions. They claim their actions were prompted by geopolitical events that unfolded shortly before a ceasefire agreement was brokered by U.S. officials.