Scroll For Updates…
Network World and Wired are reporting that Sarah Palin’s private Yahoo mail account has been hacked and that screenshots of messages have been posted on various web sites.
From Wired:
Vice-presidential candidate Sarah Palin’s private Yahoo e-mail account was hacked, and some of its contents posted on the internet Wednesday.
The internet griefers known as Anonymous took credit for the intrusion, and screenshots of e-mail messages and photos belonging to the Alaska governor have been published by WikiLeaks. Threat Level has confirmed the authenticity of at least one of the e-mails.
The cache of stolen data contains five screenshots from Palin’s account, including the text of an e-mail exchange with Alaska Lt. Gov. Sean Parnell about his campaign for Congress.
Another screenshot shows Palin’s inbox and a third shows the text of an e-mail from Amy McCorkell, whom Palin appointed to the Governor’s Advisory Board on Alcoholism and Drug Abuse in 2007.
Hacking into someones e-mail is a federal crime punishable by up to five years in prison and it appears that the FBI in coordination with the Secret Service has begun an investigation into this incident. I’m a little fuzzy on the law here but I’m reasonably certain that sites like WikiLeaks and Gawker that published the stolen information could face prosecution along with the hackers.
Update: The McCain Campaign has released the following statement:
“This is a shocking invasion of the Governor’s privacy and a violation of law, the matter has been turned over to the appropriate authorities and we hope that anyone in possession of these e-mails will destroy them. We will have no further comment.”
Update: The FBI has confirmed that an investigation is underway. From CNN’s Political Tracker Blog:
FBI Spokesman Eric Gonzalez in Anchorage, Alaska confirms to CNN an investigation is underway.
“We are aware of the allegations and we are coordinating with Secret Service as far as the allegation that someone has hacked into Governor Palin’s personal e-mail account,” he said. “We are going to be working a joint investigation with Secret Service on this.”
Brian Hale, an FBI spokesman in Washington, also confirms the FBI has been contacted about the incident. Two federal law enforcement sources say the FBI and Secret Service would have concurrent jurisdiction normally on a matter such as this, but it remains to be seen if the Secret Service will take the lead on the investigation because Palin is a protectee.
Update: The always indispensable Michelle Malkin has the story behind the story:
This afternoon, I mentioned an infamous group of hackers whose Internet bulletin board was the gathering place for those who bragged about and publicized the Sarah Palin private e-mail hacking.
A tech-savvy reader who monitors the hackers’ site e-mailed me a detailed explanation of how it went down, who was responsible, and how someone with a conscience warned a friend of the Palin family of the crime (language warning):
As an aside… This would be a good time to change your passwords. A strong password should be at least 8 characters and include letters, numbers, and at least one special character. It should also be easy to remember but not easily guessed.
Hat Tip: Michelle Malkin & Ace.
For Additional Updates see:
It’s wrong that this happened, however, I wonder how many average americans use Yahoo’s services thinking that their personal data is secure. The McCain campaign should take this as an advantage and use it to push for better security, and larger penalties for Identity Theft and Internet Fraud.
Secure is a relative term… I have a rough idea how the intrusion occurred. People need to think not only about the passwords they use but also the answers they give for challenge questions when they setup an account. What appears to have happened is that the bad guy was able to reset the account password using publicly available information… ie: Date of birth, zip code, etc. to correctly answer the challenge questions.
A couple of things need to happen 1) companies need to think about the types challenge questions they use and 2) people need to think long and hard about how much personal information they share on-line.
That said it’s more difficult for a public figure like Sarah Palin to keep certain personal details private. Using challenge questions like your date of birth, where you were born or went high school may work well for John and Jane Average but they’re a vulnerability when used by a public figure.
Ultimately security is a process not a destination and we need periodically reevaluate the step we take to protect ourselves.
No one “hacked” her account, guessed her password, or sent her a Trojan Horse. People have tried the “password reset” hypothesis and it failed every time.
Occam’s Razor tells us the simplest explanation is most likely the best explanation: someone who had easy access to her account broke in.
That person would be someone at Yahoo Headquarters.
That den of moonbats had the method, motive, and opportunity to access her account. They also knew where to post the information to get widespread access.
People claiming to have done this are either leading authorities on a wild goose chase, or are trying to get credit – like confessing to serial killings.
Internet security “experts” are trying to dazzle us with highfalutin jargon of their trade. They just want to stroke their egos.
Tell the FBI to start their investigation in Sunnyvale, CA.