In a staggering display of negligence, Hillary Clintons private email server incorporated software to permit it to be controlled remotely, an open invitation to hacking.  Despite U.S. government and industry warnings that even low-skilled hackers could exploit this software, the secretary of state used it and transmitted highly classified information over it.

The Associated Press, in an exclusive report:

The private email server running in Hillary Rodham Clinton's home basement when she was secretary of state was connected to the Internet in ways that made it more vulnerable to hackers, according to data and documents reviewed by The Associated Press.

Clinton's server, which handled her personal and State Department correspondence, appeared to allow users to connect openly over the Internet to control it remotely, according to detailed records compiled in 2012. Experts said the Microsoft remote desktop service wasn't intended for such use without additional protective measures, and was the subject of U.S. government and industry warnings at the time over attacks from even low-skilled intruders.

White House officials are in denial:

Clinton spokesman Brian Fallon said late Monday that "this report, like others before it, lacks any evidence of an actual breach, let alone one specifically targeting Hillary Clinton. The Justice Department is conducting a review of the security of the server, and we are cooperating in full."

The AP exclusively reviewed numerous records from an Internet "census" by an anonymous hacker-researcher, who three years ago used unsecured devices to scan hundreds of millions of Internet Protocol addresses for accessible doors, called "ports." Using a computer in Serbia, the hacker scanned Clinton's basement server in Chappaqua at least twice, in August and December 2012. It was unclear whether the hacker was aware the server belonged to Clinton, although it identified itself as providing email services for clintonemail.com. The results are widely available online.

The hacking has already taken place.  That’s how this report was generated.  And elementary security measures were not put in place:

Remote-access software allows users to control another computer from afar. The programs are usually operated through an encrypted connection — called a virtual private network, or VPN. But Clinton's system appeared to accept commands directly from the Internet without such protections.

"That's total amateur hour," said Marc Maiffret, who has founded two cyber security companies. He said permitting remote-access connections directly over the Internet would be the result of someone choosing convenience over security or failing to understand the risks. "Real enterprise-class security, with teams dedicated to these things, would not do this," he said.

The only plea Hillary can make is incompetence.

Will any of the Democrats in tonight’s debate go after her for this?  Probably not.  But if Jim Webb, the former senator and secretary of the Navy, wants to break out from low single digits, this would be his opportunity.