In a blow to the republican vice presidential candidate’s privacy, hackers have taken over and copied all the e-mails out of Governor Palins e-mail account on Yahoo. The best part is that no one knows if the account was hacked via a Yahoo Zero day or a bad password choice.
Given what is being described as a major breach of confidentiality and privacy on the part of the republican candidate, Veracode has an idea of exactly how the yahoo mail hack was carried out via the Yahoo password reset screen. If you know basic information about the person you are interested in, and have access to the backup e-mail account that the person uses, you can get a password reset sent to that other account.
So if you back up is an account that someone else has access too, regardless of who they are, the yahoo password reset function will work just the way it was intended. The problem is that at least the backup account has to be compromised in some manner to make this work. The data though that is in Wikileaks is a lot of information that investigators were wanting to get but were being difficult to get legally. None of the information on Wikileaks can be used in court, and odds are now that the account has been compromised, none of the yahoo information can be used either. Wikileaks reports that:
Circa midnight Tuesday the 16th of September (EST) activists loosely affiliated with the group ‘anonymous’ gained access to U.S. Republican Party Vice-presidential candidate Sarah Palin’s Yahoo email account gov.palin@yahoo.com and passed information to Wikileaks. Governor Palin has come under criticism for using private email accounts to conduct government business and in the process avoid transparency laws. The zip archive made available by Wikileaks contains screen shots of Palin’s inbox, two example emails, address book and a couple of family photos. The list of correspondence, together with the account name tends to re-enforce the criticism. Following the release of this story, both Sarah Palin’s better known account gov.sarah@yahoo.com and the gov.palin@yahoo.com account have been suspended or deleted as revealed by a test email sent to these addresses by Wikileaks. Although the reasons for the deletion of both accounts can not not yet be established, one interpretation is that Palin is trying to destroy her email records. Source: Wikileaks
This hack brings home the idea to the candidates that information security is something that needs to be talked about at a national level if we are to be successful in defending cyberspace in the USA. This is the kind of example that will bring a deeper focus at least on the vice presidential candidate that we need some very real information security, and she will have her own story to tell about it. This is not a good thing on many levels, because the data has now been compromised and is useless to law enforcement in case she really was doing something that she should not have been doing. So while the hackers on this one might have provided the data in the yahoo mail account, in the end they might have ended up compromising the entire State of Alaska investigation into Governor Paulin’s actions.
