IE 11 is not supported. For an optimal experience visit our site on another browser.

Email Shows How Podesta Account May Have Been Hacked

An email released by WikiLeaks appears to show Podesta being notified that he needed to change his password -- a tactic used in phishing scams.
Image: John Podesta
Hillary Clinton campaign chairman John Podesta speaks to members of the media outside Clinton's home in Washington, Oct. 5.Andrew Harnik / AP

An email released Friday as part of the latest batch of stolen communications posted online by WikiLeaks may shed light on how hackers got access to Hillary Clinton Campaign Chairman John Podesta’s email.

The email, sent in March of this year, claimed to be from “The Gmail Team” and asked Podesta to change his email immediately because someone had used his password to log onto his account from an IP address in Ukraine, according to the documents released by WikiLeaks.

The email was formatted to look like a typical message from Gmail’s management team, stylistically, and includes a blue button with the words "change password."

NBC News has not authenticated the emails released by WikiLeaks. WikiLeaks has not said where it got the thousands of emails it has released.

Podesta’s chief of staff, Sara Latham, forwarded the email to a Clinton campaign IT staffer, Charles Delavan, who vetted the email as “legitimate” and instructed Podesta to “change his password immediately, and ensure that two-factor authentication is turned on his account,” according to the material released by WikiLeaks.

"It is absolutely imperative that this is done ASAP," Delavan wrote, according to the emails released online.

He included a link to the correct site to change his Gmail password in the email, which Podesta’s chief of staff then forwarded to Milia Fisher, another campaign staffer, asking her to change his password.

It’s unclear whether Fisher clicked on the legitimate link or the "change password" button included in the original email, but that button is linked to a website with a .tk domain, indicating the site was registered in Tokelau, an island country in the South Pacific Ocean.

Related: WikiLeaks Memo Detailing 'Bill Clinton, Inc.' Likely to Haunt Clinton

The Clinton campaign has not confirmed the accuracy of any of the tens of thousands of emails released through Wikileaks as part of the hacking of Podesta’s inbox. Both a Clinton campaign spokesman and Podesta have said that some of the emails could have been altered.

But the WikiLeaks Twitter account flagged this email, as well as another from a person using a Georgetown Law email sharing that she had been hacked, and added, "Two Clinton staff told Podesta that phishing email "is REAL" despite losing $1000s."

U.S. intelligence officials have linked disclosures by WikiLeaks and other sites to hacking they blame on the Russian government in an attempt to influence the U.S. presidential election. WikiLeaks founder Julian Assange has denied WikiLeaks was being used by Russian officials trying to influence U.S. politics.