So you get an email that says you need to reset your password because someone in Ukraine is attempting to access it and so you should click on an included link. If you’ve noticed the regularity with which phishing scams rope people in, maybe you pump the brakes. Forward that email to your IT department and they confirm—it’s official. You click the link. Your due diligence done, you proceed as advised.

John Podesta, chief of staff to President Bill Clinton, counselor to President Obama, and current chairman of the Clinton campaign, did just that. Since the public learned about the initial hack, the method of attack has been determined. In a bit of a flourish and at odds with their usual methods, the Russian hackers released the email chain showing the targeting of Podesta and the response from his IT department.

Podesta was one of 20 Clinton staffers who fell victim to the phishing, according to Dell SecureWorks, an Atlanta-based security firm. Whether any other staffers notified IT of the attempts is unclear.

In June, SecureWorks disclosed that among those whose email accounts had been targeted were staff members who advised Mrs. Clinton on policy and managed her travel, communications and campaign finances.” –NYT