And not just who, but also why — and for some Republicans, when. Hackers gained access to the National Republican Congressional Committee’s systems for an extended period of time, tracking the activities of four “senior aides” for “several months,” Politico reported yesterday. The NRCC brought it outside security consultants and then the FBI, but apparently no one knows who conducted the hack:

The House GOP campaign arm suffered a major hack during the 2018 election, exposing thousands of sensitive emails to an outside intruder, according to three senior party officials.

The email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months, the party officials said. The intrusion was detected in April by an NRCC vendor, who alerted the committee and its cybersecurity contractor. An internal investigation was initiated and the FBI was alerted to the attack, said the officials, who requested anonymity to discuss the incident.

April? Why didn’t this come out before the election? That’s a question that a lot of House Republicans might be asking today, too:

However, senior House Republicans — including Speaker Paul Ryan (R-Wis.), House Majority Leader Kevin McCarthy (R-Calif.) and Majority Whip Steve Scalise (R-La.) — were not informed of the hack until POLITICO contacted the NRCC on Monday with questions about the episode. Rank-and-file House Republicans were not told, either.

How did it stay quiet for this long? The NRCC wanted it kept quiet, claiming that publicity would have made it more difficult to find the intruders. (So far it doesn’t appear that seven months of silence did much better.) The Washington Post notes that the breach must not have involved sensitive personal information such as Social Security numbers or other identification, which would have required a report within thirty days.

One other reason it remained quiet, however, is that the hackers apparently wanted it that way, too. That’s a contrast to the hacking of the DNC:

The NRCC intrusion bears similarities to the DNC breach in 2016, in which Russian hackers stole emails of senior committee officials.

But in that case, the Russians gave the emails to WikiLeaks, which published them ahead of the Democratic National Convention. The emails revealed that committee leaders had supported Hillary Clinton as the likely nominee, even though they had publicly claimed not to have a preferred candidate.

There is no indication that any NRCC emails were made public.

Former Obama nat-sec adviser Brett Bruen criticized the NRCC for not coming forward sooner, saying that this might have been a foreign-intelligence hack:

“It would provide them with critical insights into the plans, weaknesses and interests of key GOP officials and candidates. By not being transparent about this clear vulnerability to our democracy, the NRCC placed the interests of party over those of the country.”

Well, the NRCC did notify the FBI, which has jurisdiction in counter-intelligence matters. They claim to have done so “immediately,” and told the Post that the FBI are still investigating the matter. Bruen can’t be seriously claiming that “transparent” in this case means blowing cover on a sensitive counter-intelligence operation, can he?

Bruen’s criticism is a little overblown in another sense, too.  Foreign intel services would have interest in anything to do with elected officials, but it’s not really clear what value the NRCC e-mails and internal comms would have except as a potential embarrassment vehicle, which is how the Russians used the hacked DNC and John Podesta e-mails. You don’t need the NRCC’s internal e-mails to grasp GOTV strategies, and marketing plans are hardly the fulcrum on which national interests lie. There might be some value for extortion tactics to flip people into espionage — but again, the FBI’s been on this for months and thus far appear to have had no grounds for arrest on anything related to the hack.

According to the description of the hack, someone went to a lot of time and expense to get into the NRCC’s system only to come up with nothing, at least so far. Could that be what Defense Secretary James Mattis had in mind this week when he claimed that Russia tried interfering with the 2018 midterms? Or was this more of a domestic dirty trick by an entity with deep pockets and a big desire to see what Republicans had planned in the midterms? We may not know until the detective brings everyone into the dining car for the big reveal in the last five pages of this whodunit, but it’s worth watching along the way.