Records obtained by the Indianapolis Star show that Vice President Mike Pence was hypocritically using a private email address to conduct state business at the same time that he joined the chorus of Republicans condemning Democratic presidential candidate Hillary Clinton for operating similarly by using a private email address and server.
The revelation came late Thursday when the Indiana attorney general's office released 29 emails from the AOL account that Pence used as governor, in response to multiple public records requests from the Indianapolis Star.
"Pence fiercely criticized Clinton throughout the 2016 presidential campaign, accusing her of trying to keep her emails out of public reach and exposing classified information to potential hackers," as the Star noted.
The Indiana attorney general's office declined to release more emails "because the state considers them confidential and too sensitive to release to the public," the newspaper reported.
If the emails are too sensitive to be seen by the public, it is unclear why Pence considered an AOL server an appropriate place to host them.
"The fact that these emails are stored in a private AOL account is crazy to me," Justin Cappos, a computer security professor at New York University's Tandon School of Engineering, commented to the Star. "This account was used to handle these messages that are so sensitive they can't be turned over in a records request."
And at least one unintended person has seen those sensitive emails: an anonymous hacker.
Pence's AOL account was hacked in June, after Pence apparently responded to a phishing attempt. "Pence's contacts were sent an email falsely claiming that the governor and his wife were stranded in the Philippines and needed money," reports the Associated Press.
The Indianapolis Star delved into why this particular hack is so alarming:
SCROLL TO CONTINUE WITH CONTENT
Never Miss a Beat.
Get our best delivered to your inbox.
Because the hacker appears to have gained access to Pence's contacts, experts say it is likely that the account was actually penetrated, giving the hacker access to Pence's inbox and sent messages.
The nature of that hack suggests it was part of a broad, impersonal attack—not one carefully crafted to target Pence in particular, Cappos said.
"It's particularly concerning that someone who didn't do a very particular, very specific attack was able to hack this account," he said.
AOL has been the target of hackers before: users' emails and passwords were stolen in a massive breach back in 2014.
Yet Pence continued to use his own private AOL address to conduct state business, all while heaping criticism on Clinton for keeping her emails "out of the public reach":
.@realDonaldTrump and I commend the FBI for reopening an investigation into Clinton's personal email server because no one is above the law.
— Mike Pence (@mike_pence) October 28, 2016
"Hillary Clinton [...] operated in such a way to keep her e-mails, and particularly her interactions, while Secretary of State, with the Clinton Foundation out of the public reach, out of public accountability," Pence told Meet the Press in October.
Pence allies are refusing, however, to acknowledge the similarity between Clinton's and Pence's behavior. "The comparison is absurd," Pence spokesman Marc Lotter told AP.
"Officials are eager to point the finger at a lack of transparency when it happens on the other side," Gerry Lanosga, former president of the Indiana Coalition for Open Government, told the Indianapolis Star. "But they dodge those issues when it comes to their own side."