An investigation is underway following reports that non-government email accounts belonging to CIA director John Brennan and Department of Homeland Security Secretary Jeh Johnson were hacked.
CNN reports that The New York Post interviewed the man claiming to be the hacker. He said he was able to access an AOL email account associated with John Brennan that contained files in association with his application for security clearance. He said he was also able to access a Comcast account associated with Jeh Johnson.
A statement was issued by the CIA Monday, which said they were aware of the report. The CIA would not discuss the security information, and assured that the matter was in the hands of proper authorities. The FBI has not made a comment. Officials say that no classified information was obtained by the hacker.
The hack further highlights the issue of government officials using private email accounts, regardless of whether or not they are used for government purposes. The problem stems from the fact that private email accounts are easy targets for potential hackers.
The hacker told The New York Post that he used a very simple tactic to gain access to Brennan’s email account. Using a process known as “social engineering”, the hacker obtained publicly available information and used it for a personal attack on his accounts. The hacker tricked Verizon Wireless employees into giving him some of Brennan’s information. Using this, he was able to reset the AOL account password, with the reset information going straight to the hacker.
This method, in which call centers are usually the target, is documented as an easy, and potentially very dangerous hacking technique.
The hacker told The New York Post that he is a high school student, who is very critical of US foreign policy. He is also a supporter of Palestine.