Research

Application security testing, analysis, and metrics

Sarah Palin’s Yahoo Mailbox Compromised

Posted by Chris Wysopal in RESEARCH, September 17, 2008 | Comments (7)  

A group of individuals has compromised VP candidate Sarah Palin’s personal email and sent the information to Wikileaks which has posted the information publicly.

http://wikileaks.org/wiki/Sarah_Palin_Yahoo_email_hack_2008

Alternate link (wikilieaks is down): http://cryptome.org/palin-email.zip

Circa midnight Tuesday the 16th of September (EST) Wikileaks’ sources loosely affiliated with the activist group ‘anonymous’ gained access to U.S. Republican Party Vice-presidential candidate Sarah Palin’s Yahoo email account gov.palin@yahoo.com. Governor Palin has come under criticism for using private email accounts to avoid government transparency mechanisms. The zip archive made available by Wikileaks contains screen shots of Palin’s inbox, example emails, address book and two family photos. The list of correspondence, together with the account name, appears to re-enforce the criticism.

Internet security has finally become an issue in presidential politics.

Palin’s use of a Yahoo account has been the subject of recent newspaper articles. The Washington Post published her Yahoo email address, which was likely a precursor to the attack.

Veracode Security Solutions

Security Threat Guides

Written by:

7 Comments »

[...] to re-enforce the criticism. Here’s one screenshot of an e-mail released by the group. * Hat tip: Chris Wysopal, Veracode.  Image via CBS News. posted by Ryan Naraine September 17, 2008 @ 10:40 [...]

Pingback by Zero Day mobile edition — September 17, 2008 @ 12:44 pm

[...] the mailbox hack is not an elaborate ruse, how did they do [...]

Pingback by Zero in a bit » Speculation on Palin E-mail Hack — September 17, 2008 @ 1:12 pm

easy.. her email password is lipstick.

Comment by rick james — September 17, 2008 @ 1:31 pm

[...] It looks like the Sarah Palin Yahoo Mailbox attack mentioned by Ryan and Chris Wysopal is real. Assuming that you are a high-value target, let’s talk briefly about how you can prevent [...]

Pingback by Zero Day mobile edition — September 17, 2008 @ 2:10 pm

How can she be trusted with highly classified information of United States when she is unable to protect her Inbox? Its really careless of Palin to use free email for work, and that too Yahoo! C’mon give GMail a shot.

Comment by UAE Calling — September 17, 2008 @ 3:38 pm

[...] Hat tip: Chris Wysopal, Veracode.  Image via CBS [...]

Pingback by HOLY PIG IN LIPSTICK!! Sarah Palin’s Yahoo Account Hijacked- E-mails Posted Online « Suzie-Q — September 17, 2008 @ 6:31 pm

[...] Sarah Palin’s Yahoo Mailbox Compromised There is, of course, a web application security spin to this story, but I would guess that social engineering is involved in the hack. The real question is, how much light does it shine on Palin’s governing style and on the whole shady practice of using personal email for government business? (tags: 2008 election palin security) [...]

Pingback by Grab bag: Why govt email on private accounts is dumb (Jarrett House North) — September 18, 2008 @ 8:29 am

RSS feed for comments on this post. TrackBack URI

Leave a comment


Schedule Demo Veracode Trial
Mobile Security

Sql Injection

cyber security

Categories

Archive

Powered by WordPress