Assuming it’s not a hoax, the purported theft of Republican presidential nominee Mitt Romney’s tax returns has all the trappings of a high-tech whodunit: a politically themed burglary, a $1 million demand in hard-to-trace Internet currency, password-protected data and a threat to reveal everything in three more weeks. But can it be believed?
The Secret Service and FBI were investigating the case Thursday after someone claimed to have burglarized a PricewaterhouseCoopers accounting office in Franklin, Tenn., and stolen two decades’ worth of Romney’s tax returns.
The claimed theft, made in an anonymous letter sent to the accounting firm and political offices in Tennessee, has surfaced a critical moment during the 2012 presidential campaign amid the Republican and Democratic conventions. The ransom target in the case — Romney’s tax returns — was carefully selected: Romney, worth an estimated $250 million, has steadfastly declined to make public more than one year’s tax returns so far, and Democrats have sought to portray him as so wealthy he is out of touch with middle class voters.
Authorities are studying computer thumb drives that were delivered with an unusual demand: a $1 million payment in “Bitcoin” Internet currency. The letter said the tax returns delivered on the thumb drives were encrypted, and more copies would be sent to “all major news media outlets.” It promised to reveal the password to unlock the tax returns on Sept. 28 if payment is not made.
PricewaterhouseCoopers has said there was no evidence that anything was stolen.
The alleged culprit suggested an insider helped in the burglary and theft from the firm’s network file servers, knowingly or unwittingly: “We are sure that once you figure out where the security breach was, some people will probably get fired, but that is not our concern,” the letter said.
The plot in this mystery has enough holes that it could be an elaborate hoax. But it comes at a critical moment during the 2012 presidential campaign. In its broadest outlines, the case might be compared to Watergate, the 1972 political break-in that led to President Richard Nixon’s resignation. But unlike Watergate, which started with the arrest of bungling burglars traced to Republicans, the Tennessee case is a baffling mystery so far, without any clear suspects. There is no evidence Democrats were involved.
“I looked at the letter and thought, ‘Who on earth thinks we’re gullible enough to fall for this?'” said Peter Burr, chairman of the Williamson County Democratic Party, which received one of the thumb drives and a copy of the extortion letter last week. He kept the letter and data device, growing curious about them as days passed. He rightly feared the thumb drive might be infected with a computer virus.
“I had reached the point of seriously considering putting it in an old computer we have here in the office where we weren’t worried if the hard drive got trashed or not,” Burr said. “But by then we had received recommendations from our attorneys and word from the Secret Service. So we didn’t look at it.”
It was unclear even among experts whether the purported theft might be a hoax. The alleged culprit so far has provided no evidence that Romney’s tax returns actually were stolen, such as a scan of a partial page from one of the documents. But for seasoned and committed hackers such a theft was described as entirely plausible, especially for someone who could gain physical access to a company’s keyboards.
“So far, there’s just zero proof. It’s like every bad Hollywood plot, which makes me think this is fishy,” said Marc Maiffret, chief technology officer for BeyondTrust Software Inc. of Carlsbad, Calif. “But any competent hacker, any good penetration-tester, if they wanted to get Mitt Romney’s tax returns, it wouldn’t be that hard to do. These breaches are absolutely possible. If you can sit at the computer it would take two minutes to bypass the log-in information.”
“The only time you’re going to hold something over someone’s head is if they’re trying to keep stuff secret,” Maiffret said.
A former FBI cyber-crime expert, Michael J. Gibbons, said the unusual ransom demand sounded similar to popular email fraud scams.
“This sounds more like a Nigerian letter scam than an organized hacking attempt,” said Gibbons, former chief of FBI computer crimes investigations and now a managing director at Alvarez & Marsal in Washington. “It doesn’t pass the smell test.”
There was no sign a thumb drive had been delivered to The Associated Press. A spokeswoman for the New York Times, Eileen Murphy, said the newspaper had not received one, either. The Wall Street Journal declined to comment.
Politicians previously have found themselves targets in burglaries, thefts and hacking. Candidates and political parties have reported dozens of break-ins across the U.S. In 2007, for example, Barack Obama’s Iowa field office reported a burglary that netted two laptop computers and campaign literature. The next year, a University of Tennessee student was arrested for hacking into Republican vice presidential candidate Sarah Palin’s personal email account. He was later convicted of obstruction of justice and unauthorized access to a computer. He served an 11-month prison sentence.
The demand in the latest case for $1 million in Bitcoin currency would complicate efforts to trace any payments over the Internet, but U.S. authorities have successfully uncovered such trails in other cases.
“It’s definitely harder than normal to uncover someone’s financial identity,” Maiffret said. “But our government, we find a lot of bad guys in the world in cyber-crime and terrorism cases by following the money trails.”
Gibbons agreed: “It’s an ineffective cloak of anonymity,” he said.
Even if the latest case were a hoax, hackers have been alerted to intense public interest in Romney’s personal finances.
“You’ve got every hacker in the world thinking, ‘Wouldn’t that be awesome to do?'” Maiffret said. “I have a feeling this is going to be a hoax, but you’re going to have copycats who are going to try to do this.”
While the extortionist’s demand for $1 million appears to preclude political motivations, a prosecutor in the original Watergate burglary said motives aren’t always apparent.
“In the Watergate case, it wasn’t clear at the outset what the motivation was,” said Earl J. Silbert, a former U.S attorney in the case. “Even today there are differences of opinion over what was behind it.”