Additional reporting for this story was contributed by Denise Clifton and AJ Vicens.
On Monday, The Atlantic published private messages from September 2016 in which WikiLeaks gave Donald Trump Jr. the password to a forthcoming site documenting his father’s ties to Russia. But there was more to the story of WikiLeaks’ apparent effort to conspire with the Trump campaign against PutinTrump.org—and I had a front-row seat to it, as editorial director of the site. Within just minutes of reaching out to Trump Jr., WikiLeaks also publicized the password, setting off a wave of online harassment, email bombs, and personal threats against people behind the site.
Here’s the deeper story.
On the evening of September 20, 2016, WikiLeaks sent a direct message on Twitter to Trump Jr.: “A PAC run anti-Trump site putintrump.org is about to launch. The PAC is a recycled pro-Iraq war PAC. We have guessed the password. It is ‘putintrump.’ See ‘About’ for who is behind it. Any comments?”
“Off the record I don’t know who that is, but I’ll ask around,” Trump Jr. responded about 12 hours later. “Thanks.”
Trump Jr. soon emailed top officials in the Trump campaign about the exchange, according to The Atlantic, including Steve Bannon, Kellyanne Conway, digital director Brad Parscale, and Trump’s son-in-law, Jared Kushner; Kushner forwarded the email to campaign communications staffer Hope Hicks.
Almost immediately after WikiLeaks messaged Trump Jr., though, it made another move: It tweeted out the password. (The password did not allow anyone access to the back end of the site; it was intended simply to let the press preview the site as it would look the following day, when it went live.)
— WikiLeaks (@wikileaks) September 21, 2016
Our site was soon hit with a surge of traffic and spam while it was still password-protected and meant to be out of public view—and that was just the beginning. Within hours, people involved with launching the site were doxxed and personally targeted on Twitter, an attack that quickly spread to Reddit and to alt-right and pro-Trump news sites. Mother Jones is withholding some details about the attack at the request of the people who were targeted due to their concerns about further harassment: Their cellphone numbers, home addresses, and other information about them and their family members were publicized, alongside calls to go after them. Their email accounts were hit with a spambot attack, signing them up for thousands of unwanted subscriptions—many in a foreign language—which rendered the accounts unusable. In a panic, one of them sent me a message: “We are getting 100,000 spam messages to our inbox and all of our personal info is on twitter.” They also received menacing emails and crank phone calls.
“It was the scariest times in our lives,” recalls one of the people targeted. “There were messages threatening our families.”
It is unclear who was behind the Twitter account that appeared to lead the targeting of PutinTrump.org on September 20. (We are also withholding the account’s handle because of sensitive information still posted there as of this story’s publication.) The account was created in February 2016 and went dark about three weeks after the attack began, just before the presidential election. The account offered to reward “whoever can find dirt” on the people working with PutinTrump.org; in another tweet it declared, “We will uncover them ALL!”
The lead attacker’s eight-month-long timeline was filled primarily with anti-Hillary Clinton vitriol and conspiracy theories. It also purported to back Bernie Sanders—and, on numerous occasions, it highlighted the John Podesta emails stolen by Russian hackers and retweeted pro-Trump content from WikiLeaks.
We found no evidence that our site was hacked. The password shared without authorization by WikiLeaks had been created for an embargoed press release sent on September 19 to journalists at roughly a dozen major news organizations who agreed to keep the information about the project private until after the following morning’s launch. It is unclear how WikiLeaks learned about the existence of our site prior to the launch—we had not yet publicized it to anyone other than the group of journalists.
The private exchange between WikiLeaks and Trump Jr. came just seven weeks before the presidential election, and two months after WikiLeaks began releasing Democratic National Committee emails stolen by Russian hackers. By then it was widely known that WikiLeaks had been a vehicle for Russian hackers, as publicly confirmed by US intelligence leaders.
Digital evidence examined by Mother Jones indicates with near certainty that WikiLeaks communicated with Trump Jr. about the launch of PutinTrump.org just eight minutes before posting the password for its millions of followers.
WikiLeaks and a representative for Donald Trump Jr. did not respond to questions from Mother Jones for this story.
WikiLeaks also was wrong about the PAC funding our project. Created by technology entrepreneur Rob Glaser, the PAC was initially titled “Progress for America.” There was no connection to a much older pro-Iraq War PAC of the same name, as WikiLeaks perhaps believed. That older group had not been registered with the Federal Election Commission; after realizing the overlap, Glaser immediately changed the PAC’s name to “Progress for USA,” on the day PutinTrump.org was launched.
After the election, we preserved PutinTrump.org as a content archive. In March, journalist Denise Clifton and I began working with Mother Jones on a new project contributing to Mother Jones’ broader reporting on the sprawling Trump-Russia investigation. (Disclosure: Mother Jones receives some funding from Glaser’s foundation.)
“We launched PutinTrump.org because I and others inferred that there were a set of unseemly and perhaps illegal links between then candidate Trump and Russia’s efforts to hack our democracy. It’s clear that our inferences were well founded,” Glaser says. “Even so, we had no idea that our website would actually stimulate new links connecting the Trump campaign, Russian hackers, and their publisher, WikiLeaks.”