Is Sarah Palin Safe? No. Identity Theft and Government Officals
You’ve probably seen in the news that a hacker gained access into Sarah Palin’s Yahoo.com email account. The hacker used a simple scheme and basic social engineering tools (research on Google and Wikipedia, common-sense guessing) to reset the password on the account and assume ownership of her email. [For a full account of how a professor, Herbert H. Thompson, used these tools to steal a friends identity (with their permission), visit his recent and extremely interesting article, How I Stole Someone’s Identity and the companion radio interview.]
In addition to denying Governor Palin access to her own account, the hacker had full control to:
- Read every saved and current email in her account (hopefully she never sent her Social Security Number, passwords or account numbers via email, not to mention correspondence pertaining to her role as candidate for Vice President of the U.S.)
- Steal the email addresses and any other sensitive information stored in her contacts (John McCain might want to change his email address)
- Send out emails as if the hacker were Sarah Palin, or worse yet, send out official emails as Alaskan Governor, Sarah Palin
The potential for abuse is mind boggling. Sarah Palin should take immediate steps to protect her stolen identity and to secure her future privacy. Here are a sampling of the steps I would recommend: