Have you ever wondered how much is your email password worth? It depends what data are you trying to protect in electronic form using that password.
Data security is a major issue for businesses and organizations today. That is why a group of information security specialist in large organizations and Government agencies develop security policies to protect data from external and internal threats. But the latest statistics show that employees ignore those security rules (policies) by doing their work activities from a personal device or personal email accounts.
But can you imagine what kind of work activities do the heads of US Intelligence services?
On 18 October 2015, New York Post reported that the personal email account of CIA Director John Brennan was hacked by a high-school teen exposing many sensitive files.
Exposed data included personal information of more than a dozen top American intelligence officials, a government letter about the use of “harsh interrogation techniques” on terrorism suspects, as well as his 47-page application for top-secret security clearance.
The young hacker used a tactic called "social engineering" to collect Brennan's personal information from Verizon. Which was later used to answer to security questions, asked in case of password recovery, to access Brennan's personal email account.
We are aware of the reports that have surfaced on social media and have referred the matter to the appropriate authorities.
— says in CIA statement
Just months after reports that someone hacked CIA Director John Brennan's personal email, a U.S. intelligence official is confirming that online personal accounts linked to Director of National Intelligence James Clapper also have been hacked.
Both the cyber-crimes were committed by a young hacker called "Cracka".
He claimed to have broken into accounts connected to Clapper including his email, home telephone and his wife's email.
"Cracka" then apparently set Clapper's home number to forward calls to the co-founder of the Free Palestine Movement.
This proves once again, sadly, that security policies are not taken seriously by the Head of Government agencies who work with the critical data.
This is strange, because they are the ones who prove those security policies.
Subscribe to our Telegram channel to instantly receieve the latest cybersecurity news, resources and analysis.