Details of Kremlin's phishing expedition

• Why it matters: "The hackers were closely aligned with the interests of the Russian government."
• The lead: "The FBI failed to notify scores of U.S. officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least a year that the targets were in the Kremlin's cross-hairs."
• "Even senior policymakers discovered they were targets only when informed by The Associated Press, a situation some described as bizarre and dispiriting."
• The previously unpublished digital hit list obtained by AP provides "the most detailed forensic evidence to date of the ambitious hackers who disrupted the U.S. presidential election in 2016."
• AP drew on a database of 19,000 malicious links collected by the cybersecurity firm Secureworks, dozens of rogue emails and interviews with more than 100 hacking targets.
• Follow the hackers.

Anatomy of hacking Hillary:

• "The Clinton campaign was no easy target; several former employees said the organization put particular stress on digital safety."
• "Work emails were protected by two-factor authentication, a technique that uses a second passcode to keep accounts secure. Most messages were deleted after 30 days and staff went through phishing drills.
• "Two-factor authentication may have slowed the hackers, but it didn't stop them.
• "After repeated attempts to break into various staffers' hillaryclinton.com accounts, the hackers turned to the personal Gmail addresses. It was there on March 19 that they targeted top Clinton lieutenants — including campaign manager Robby Mook, senior adviser Jake Sullivan and political fixer Philippe Reines."