As with last week’s bombshell story about the NSA report leaked by Reality Winner, there’s no evidence here that vote totals were changed. Both Barack Obama and James Comey have denied that that happened.

But what did happen, allegedly, is bad enough.

In Illinois, investigators found evidence that cyber intruders tried to delete or alter voter data. The hackers accessed software designed to be used by poll workers on Election Day, and in at least one state accessed a campaign finance database. Details of the wave of attacks, in the summer and fall of 2016, were provided by three people with direct knowledge of the U.S. investigation into the matter. In all, the Russian hackers hit systems in a total of 39 states, one of them said.

The scope and sophistication so concerned Obama administration officials that they took an unprecedented step — complaining directly to Moscow over a modern-day “red phone.” In October, two of the people said, the White House contacted the Kremlin on the back channel to offer detailed documents of what it said was Russia’s role in election meddling and to warn that the attacks risked setting off a broader conflict…

In Illinois, investigators also found evidence that the hackers tried but failed to alter or delete some information in the database, an attempt that wasn’t previously reported. That suggested more than a mere spying mission and potentially a test run for a disruptive attack, according to the people familiar with the continuing U.S. counterintelligence inquiry.

“Thirty-seven states reported finding traces of the hackers in various systems, according to one of the people familiar with the probe,” with California and Florida also finding traces in private systems. (The NSA report leaked by Winner described the infiltration of privately owned third-party software in Florida.) What was the plan, if not to change vote totals? The Obama administration thought the Russians were plotting to wreak havoc by deleting voter-registration records. People would show up on Election Day, ask for a ballot, and … nope, they’re not in the system. The point, as always, is to undermine faith in democratic institutions. Trump had already primed the pump last fall by crowing for weeks that the election might be rigged; if red-staters had showed up to vote and couldn’t get a ballot because their records had been deleted, that glitch would have seemingly proved him right. And if blue-staters had showed up to vote and couldn’t get a ballot, that would have been blamed on either Russia or Republican “voter suppression” or both. Either way, paranoia and mistrust on all sides. Team Obama reportedly delivered a very stern warning about all this to the Kremlin on the cyber “red line,” and … the hacking went on. Eventually we ended up with those wrist-slap sanctions imposed in December, which the Trump White House may or may not be preparing to undo.

Why leak this now? Partly, I assume, because the cat’s already out of the bag per the Winner leak last week. That leak was reportedly made to the Intercept because Winner was annoyed that the site, led by Glenn Greenwald, kept minimizing Russia’s role in the campaign last year. It wasn’t just the DNC and Podesta stuff, she wanted to show; they were screwing around with U.S. election infrastructure and the NSA had hard evidence to prove it. Now that that secret’s been spilled, the calculus may have changed among natsec pros: By exposing the full extent of Russian infiltration, they can put pressure on the White House and State Department to avoid any sweetheart diplomatic deals with Putin. If anything, there’s now pressure on Trump the other way, to beef up U.S. cyberdefenses and get tough with Moscow. If Russian hackers have already gotten the lay of the land of how U.S. systems operate from last year’s adventure, what might they be planning to do in the midterms or in 2020? It’s in Trump’s own interest to build a better electoral cybershield: After all, with stories like this out there circulating now, a surprise reelection victory in three years will be widely dismissed by the left as Russian hackers playing with vote totals to help him. (Heck, most lefties believe that about 2016.)

Anyway, if you were curious as to why those new Russia sanctions yesterday were bipartisan, now you know. The public didn’t know until now how extensive and serious Russian hacking activity in the election was. Congress surely did.