Vice President Mike Pence routinely used a private email account to conduct public business as Indiana’s governor, according to public records obtained by the Indianapolis Star.
The newspaper reported Thursday that emails provided through a public records request show that Pence communicated with advisers through his personal AOL account on homeland security matters and security at the governor’s residence during his four years as governor.
“Cybersecurity experts say the emails raise concerns about whether such sensitive information was adequately protected from hackers, given that personal accounts like Pence’s are typically less secure than government email accounts,” the IndyStar says. “In fact, Pence’s personal account was hacked last summer.”
The newspaper reports that Pence’s AOL account was hit by a phishing scheme before he was chosen by Donald Trump to join the GOP presidential ticket, and Pence’s contacts were sent an email falsely claiming that the governor and his wife were stranded in the Philippines and needed money.
Pence’s office in Washington issued a statement saying in part that, “As Governor, Mr. Pence fully complied with Indiana law regarding email use and retention.”
The IndyStar notes that, “Indiana law does not prohibit public officials from using personal email accounts, although the law is generally interpreted to mean that official business conducted on private email must be retained for public record purposes.”
The governor moved to a different AOL account with additional security measures, Pence spokesperson Marc Lotter said, but has stopped using the new personal account since he was sworn-in as vice president.
Lotter said Pence “maintained a state email account and a personal email account” like previous Indiana governors. At the end of his term, Pence directed outside counsel to review all of his communications to ensure that state-related emails were transferred and properly archived by the state, he said.
As Trump’s running mate, Pence frequently and strongly criticized Hillary Clinton’s use of a private email server as President Obama’s secretary of state, accusing her of purposely keeping her emails out of public reach to shield her from scrutiny.
At one point, the IndyStar points out, Pence said on the NBC News broadcsast “Meet the Press” that Clinton was “the most dishonest candidate for president of the United States since Richard Nixon.”
“What’s evident from all of the revelations over the last several weeks is that Hillary Clinton operated in such a way to keep her emails, and particularly her interactions while Secretary of State with the Clinton Foundation, out of the public reach, out of public accountability,” Pence said. “And with regard to classified information she either knew or should have known that she was placing classified information in a way that exposed it to being hacked and being made available in the public domain even to enemies of this country.”
Lotter said the comparison between Clinton and Pence “is absurd” because Clinton had set up a private server in her home at the start of her tenure at the State Department and, unlike Clinton, Pence did not handle any classified material as Indiana’s governor.
Clinton critics assert that, at best, she skirted federal records management rules by exclusively using personal email to conduct government business.
Experts told the IndyStar that similar arguments about a lack of transparency could be made about Pence using a personal email account as were made about Clinton.
“There is an issue of double standard here,” Gerry Lanosga, a professor at Indiana University and past president of the Indiana Coalition for Open Government, remarked to the newspaper. “He has been far from forthcoming about his own private email account, on which it’s clear he has conducted state business. So there is a disconnect there that cannot be avoided.”
The IndyStar reports, “The emails were obtained after a series of public records requests that the Pence administration did not fulfill for nearly four months before Pence left office.”
Corey Nachreiner, chief technology officer at computer security company WatchGuard Technologies, told the IndyStar that Pence’s and Clinton’s email accounts were, as the newspaper put it, “probably about equally vulnerable to attacks.”
“In this case, you know the email address has been hacked,” he told the IndyStar. “It would be hypocritical to consider this issue any different than a private email server.”
The newspaper reported that the office of Pence’s successor, Indiana Gov. Eric Holcomb, released more than 30 pages from Pence’s AOL account, but declined to release an unspecified number of emails because they were considered confidential.
The state requires that all records pertaining to state business be retained and available for public information requests. Emails involving state email accounts are captured on the state’s servers, but any emails that Pence may have sent from his AOL account to another private account would need to be retained.
All the emails provided to the IndyStar “were ones captured on state servers,” the newspaper says.
At the end of his term, Pence hired the Indianapolis law firm of Barnes & Thornburg to conduct a review of all of his communications and that review is still ongoing, Lotter said. Any correspondence between Pence’s AOL account and any aides using a state email account would have been automatically archived, he said.
© 2017 CBS Interactive Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.