Scandalous emails.

Clinton campaign staffers scrambled frantically to change chairman John Podesta's password and upgrade his security after being fooled by a fake email alert from Gmail, unverified emails released Friday by WikiLeaks revealed.

Instead, the apparent March 19 phishing may show how hackers gained access to Podesta's account — or at least closely match the type of scheme that researchers believe was used to gain access to Podesta's messages.

An alert to Podesta, purportedly from Gmail, notified him someone had tried to sign into his account from Ukraine, and that Google had halted the attempt. It instructed him to click on a bit.ly link where, researchers  say, Podesta entered his credentials, giving hackers the information they needed to get into his account.
According to the Clinton camp’s reaction, though, they were concerned about the the false Gmail message, and were unaware Podesta had given up his login info. 
"This is a legitimate email," wrote a help desk staffer, referring to the apparent phishing attempt.