On March 2, 2015, a New York Times article publicly reveals Clinton’s use of a personal email account and private server to conduct government business. The FBI’s Clinton email investigation will later identify an increased number of login attempts to her server and its associated domain controller just after this article comes out.
According to the FBI in September 2016, “Forensic analysis revealed none of the login attempts were successful. [The] FBI investigation also identified an increase in unauthorized login attempts into the Apple iCloud account likely associated with Clinton’s email address during this time period.” (Clinton’s email address, which had been publicly revealed in March 2013, was still used as the user name for the account.) “Investigation determined all potentially suspicious Apple iCloud login attempts were unsuccessful.”
Despite all this, Clinton does not simply turn the server off. Instead, Platte River Networks (PRN) employees, who are managing the server, make some security improvements around March 7, 2015.
PRN staff also discuss the possibility of conducting penetration testing against the server to highlight vulnerabilities, so they can be fixed. However, the penetration testing ultimately doesn’t happen. (Federal Bureau of Investigation, 9/2/2016)