It reminds me of how people were talking about the Podesta email incident as some massively complex hacking job. It wasn't -- they found out he still used Yahoo Mail and phished him. I can't believe that (a) one of the most powerful political operatives in the Clinton campaign uses Yahoo Mail, and (b) that he fell for it.
Actually the email seemed suspicious to Podesta so he asked his 20-something security "expert" to look at it. Now keep in mind that probably almost all of us know to have a mouse hover over a link in an email to see where it really goes. For example, if a link supposed to go to mycompany.com actually goes to gizshiz.com or mycompanyname.ru, yeah, you should be smart enough to think those are probably not really mycompany.com. The problem was that his "expert" didn't do this. He simply looked at the email, immediately proclaimed it to be legit and insisted that Podesta immediately click on the link and change his password. Insiders refused to name the "expert" or say whether he still has a job. My guess is that he does. But Podesta correctly got suspicious and asked for help, he just put his faith in someone to help him who didn't deserve it. For all the reported use the Democratic Party made of cutting edge analytics when Obama ran for president, they seem to have really weird ideas at the very top about security. I still maintain that had Bill and Hillary used their fortunes to hire real security experts for the foundation's email server and ran something like a hardened form of BSD on it, it could have mitigated a lot of the damage of using a private server, but no, they just had to use some local 2 man operation that was basically a small, local equivalent of Geek Squad and they used them because they were nearby and cheap, not good.