Theft of two computers during Capitol attack raises information security concerns

Sign up for the Guardian’s First Thing newsletter

At least two computers were stolen from the Capitol when a violent mob of Donald Trump supporters stormed the building on Wednesday – including one from the office of the House speaker, Nancy Pelosi – raising grave information security concerns.

An aide to Pelosi confirmed Friday that a laptop was stolen from the speaker’s office, saying it belonged “to a conference room and was used for presentations”, but did not elaborate further on what information it may contain.

At least one other computer was stolen, a laptop belonging to the office of the Democratic senator Jeff Merkley, of Oregon. The acting US attorney, Michael Sherwin, said that some of the thefts might have potentially jeopardized what he described as “national security equities”.

The theft of electronic devices from congressional offices has been a persistent worry following the invasion by Trump supporters, who, incited by the president, entered the capitol in an effort to subvert the certification of Joe Biden’s election win.

DoJ confirms email accounts breached by SolarWinds hackers

Read more

Staffers were quickly forced to shelter in place, leaving many devices vulnerable to the attackers. Photos posted by rioters from inside the Capitol showed exposed computers, including one in Pelosi’s office with an email inbox in full view. The impact of such a device being taken could be grave, said Brandon Hoffman, the chief information security officer at IT security provider Netenrich.

“Regardless of how much they want to downplay this, the laptop has to have at least access that could be leveraged,” he said. “It’s highly unlikely that this laptop was sitting there with no files, or file access, or any other useful information to somebody looking for leverage or retribution.”

What else might have been taken during the chaos is not yet known. Some information technology experts worry that intruders may have planted malicious software on computers, although it’s not clear that devices were a particular focus of the attack.

The concerns come as the US grapples with the aftermath of the biggest state-sanctioned hack of the government in history, after SolarWinds was breached and government email was accessed. Officials are still working to determine the extent to which government devices were violated in that breach, which is now being attributed to Russia. Nearly 10 agencies were impacted, including the US Treasury and Department of Commerce.

Reuters contributed to this report