The State Department revealed Monday that it has identified "multiple security incidents" involving current or former employees' handling of Hillary Clinton's emails, and that 23 "violations" and seven "infractions" have been issued as part of the department's ongoing investigation.
The information came in a letter to Iowa Republican Sen. Chuck Grassley, who is responsible for overseeing the security review.
"To this point, the Department has assessed culpability to 15 individuals, some of whom were culpable in multiple security incidents," Mary Elizabeth Taylor, the State Department's Assistant Secretary in the Bureau of Legislative Affairs, wrote to Grassley. "DS has issued 23 violations and 7 infractions incidents. ... This number will likely change as the review progresses."
President Trump highlighted the finding in a tweet overnight, questioning whether Democrats would investigate and saying, "This is really big."
The State Department, calling the matter "serious," said it expected to conclude the investigation by Sept. 1. The department acknowledged that the probe was unusually time-consuming.
"Given the volume of emails provided to the Department from former Secretary Clinton's private email server, the Department's process has been necessarily more complicated and complex requiring a significant dedication of time and resources," Taylor wrote.
Taylor also noted that disciplinary consequences were pending.
"In every instance in which the Department found an individual to be culpable of a valid security violation or three or more infractions, the Department forwarded the outcome to the Bureau of Diplomatic Security's Office of Personnel Security and Suitability (DS/PSS), to be placed in the individuals' official security file," Taylor wrote. "All valid security incidents are reviewed by DS and taken into account every time an individual's eligibility for access to classified information is considered.
"This referral occurred whether or not the individual was currently employed with the Department of State and such security files are kept indefinitely," Taylor added. "Consistent with the referral policy, for individuals who were still employed with the Department at the time of adjudication, the Department referred all valid security violations or multiple infractions to the Bureau of Human Resources."
The State Department declined to release the names of the employees, consistent with its procedures. The department promised another update once its review is completed.
Clinton's private email use has remained in the spotlight, as the DOJ looks into potential misconduct in the handling of federal authorities' surveillance and intelligence operations in 2016. Then-FBI Director James Comey said in 2016 that Clinton's handling of classified information was "extremely careless" -- remarks that were watered down from their original draft -- but that "no reasonable prosecutor" would bring charges.
It emerged earlier this year that then-FBI general counsel James Baker testified that he thought Clinton should have been prosecuted until he was convinced otherwise "pretty late" in the investigation.
And, last month, a trove of partially redacted FBI documents from the agency's investigation into whether Clinton mishandled classified information -- a probe known as the "Midyear Exam" -- revealed that top Clinton aides were shocked at apparent attempts to hack her private email servers.
The document release revealed numerous episodes in which the Clinton team either suspected it had been hacked or seemingly acknowledged that security measures had come up short.
"omg," top Clinton aide Huma Abedin wrote to Justin Cooper, the technology pro overseeing Clinton's private home-based email servers, when he told her shortly after midnight on Jan. 9, 2011, that "someone was trying to hack us."
And in March, it was revealed that the Justice Department "negotiated" an agreement with Clinton's legal team that ensured the FBI did not have access to emails on her private servers relating to the Clinton Foundation. Former FBI Agent Peter Strzok testified about the arrangement during a closed-door appearance before the House Judiciary Committee last summer, according to a transcript released this year.
"A significant filter team" was employed at the FBI, Strzok said, to "work through the various terms of the various consent agreements." Limitations imposed on agents' searches included date ranges and names of domains and people, Strzok said, among other categories.
The agreement was reached, Strzok said, because "according to the attorneys, we lacked probable cause to get a search warrant for those servers and projected that either it would take a very long time and/or it would be impossible to get to the point where we could obtain probable cause to get a warrant."
Former Utah Rep. Jason Chaffetz, who chaired the House Oversight and Government Reform Committee until 2017 and is now a Fox News contributor, said the arrangement signaled that agents wanted willful blindness.
"What's bizarre about this, is in any other situation, there's no possible way they would allow the potential perpetrator to self-select what the FBI gets to see," Chaffetz said, noting that the FBI was aware that the servers contained classified information in unclassified settings. "The FBI should be the one to sort through those emails -- not the Clinton attorneys."
The DOJ's goal, Chaffetz said, was to "make sure they hear no evil, see no evil -- they had no interest in pursuing the truth."