The DNC suspended Sanders' access to the master list, pending an investigation. The Sanders campaign on Friday morning held a press conference about the breach and the DNC's response. Weaver argued against the DNC's decision to block its access to the master list, calling it "sabotage." He said the campaign will seek an injunction in federal court later on Friday if it isn't re-granted access to the data. Weaver called for an independent audit of the DNC's actions in this case.
"We are running a clean campaign," Weaver said.
In a blog post, NGP VAN described the Wednesday incident as follows:
"On Wednesday morning, there was a release of VAN code. Unfortunately, it contained a bug. For a brief window, the voter data that is always searchable across campaigns in VoteBuilder included client scores it should not have, on a specific part of the VAN system. So for voters that a user already had access to, that user was able to search by and view (but not export or save or act on) some attributes that came from another campaign."
NGP VAN determined that only the Sanders campaign had potentially accessed confidential data.
Sanders' National Data Director Josh Uretsky took responsibility for accessing Clinton's information and was promptly fired, though he says his intentions were exploratory, not predatory.
"We knew there was a security breach in the data, and we were just trying to understand it and what was happening," Uretsky told CNN on Friday. He continued, "We investigated it for a short period of time to see the scope of the Sanders campaign's exposure and then the breach was shut down presumably by the vendor. We did not gain any material benefit."
Uretsky said he was testing the breach, seeing how deep it went and if Sanders' confidential data were similarly accessible by outside parties. He was about to call the DNC to tell them about the incident, but the DNC called him first, he said.
"This wasn't the first time we identified a bad breach," Uretsky told CNN. The Sanders campaign reported a similar breach in October.
Campaign Manager Weaver echoed that sentiment in a statement, saying, "This is not the first time that the vendor hired by the DNC to run the voter file program, NGP VAN, has allowed serious failures to occur. On more than one occasion, they have dropped the firewall between the data of competing Democratic campaigns. That is dangerous incompetence."
Sanders himself later clarified that the DNC used two separate vendors, and Uretsky said the October issue wasn't within NGP VAN's system.
DNC spokesman Luis Miranda responded with a statement to The Washington Post.
"The DNC places a high priority on maintaining the security of our system and protecting the data on it," Miranda said. "We are working with our campaigns and the vendor to have full clarity on the extent of the breach, ensure that this isolated incident does not happen again, and to enable our campaigns to continue engaging voters on the issues that matter most to them and their families."
Update: The Bernie Sanders campaign sued the DNC on Friday in federal court over a breach of contract. Read the complaint in PDF form here. It claims, in part, that being banned from accessing the DNC's master list of voter data does the Sanders campaign "irrrepable (sic) injury and financial losses... that are incapable of precise calculation, but exceed $600,000 per day."
Update 2: Early Saturday morning, Reuters reports that the DNC has restored the Sanders campaign's access to voter data. DNC Chair Debbie Wasserman Schultz tweeted that "The Sanders campaign has provided us with the info needed to restore their voter file access," but in a longer statement said the DNC would continue to investigate.
[Image credit: Flickr/Phil Roeder]