CIA Director Email Hacked by Teen
Earlier this week, a self-proclaimed hack going by the persona “Cracka” hacked the personal email accounts of none other than Central Intelligence Agency director, John Brennan. This latest embarrassment has further shown what the state of cyber-(un)security is like for the US government.
This teen who described himself to the New York Post as a “non-Muslim teenager” who was upset at the US governments support of Israel over Palestinians in the middle east. He went further to say how he socially engineered Verizon and AOL to give him the data required to reset his password, which is common tactic used by anyone wanting to hack into someone’s email for social media account.
The ability for an inexperienced teenager to be able to hack the account of one of the most prominent figures in the intelligence world highlights the problems with storing sensitive data on a public facing server. Granted this email account wasn’t a government email server, it still shows that documents such as a top-secret clearance application which had all of his personal details and presumably wasn’t encrypted. Per Al Jazeera, “For Brennan, was it negligence, hubris, or a belief that the rules didn’t apply to him? Of all people, he should know that there’s a silent, secret cyber war happening right now involving not just millions, but billions of accounts.”
All of the documents the teenager was able to pull off of the account were dumped onto Wikileaks on Wednesday and “began publishing documents from Brennan’s non-government email accounts” (Al Jazeera/Maktoob/Yahoo News). The CIA had little to say about the matter, stating that “We are aware of the reports that have surfaced on social media and have referred the matter to the appropriate authorities” and CIA director Brennan hasn’t commented on the matter as of yet.
Per Wired, The emails are available on Wikileaks, but we will not be posting a link.
Other High Profile Breaches:
Experian (includes T-Mobile)
Tesla and Chrysler (unrelated to each other)
Apple App Store
U.S. Office of Personnel Management (OPM)
Kaspersky & FireEye (unrelated to each other)
Excellus Blue Cross Blue Shield
Ashley Madison (follow up)
Thanks for stopping by and reading our blog. We would appreciate if you could subscribe (assuming you like what you read; we think you will). This is meant to be informative and to provide value to anyone who reads this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.
Be sure to subscribe to this blog and to our Podcast.
If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.