How did CIA head get hacked? Easier than you think

CBS News, 18 May 2020: The person claiming to be responsible for this week’s hack of the email accounts of CIA Director Brennan and Homeland Security Secretary Jeh Johnson says he’s just a teenager and revealed in an interview with Wired the amazingly simple steps he took to pull off his scheme. If what he described is to be believed, the attack was not a demonstration of technological prowess, but a shrewd trick played on an AOL customer service rep. With the help of a few other people, the hacker told Wired, he used a reverse phone number lookup to determine that Brennan has a Verizon Wireless account. He called the company, posing as a technician whose “tools were down” to get details on the mobile phone account, including Brennan’s AOL email address. Then, he called AOL and told the representative he was locked out of his account. Using details gleaned from Verizon, he got AOL to reset the password. This allowed the group to access Brennan’s email on October 12, where they uncovered, among other things, a spreadsheet of people, including senior intelligence officials, along with their Social Security numbers that are believed to date back to at least 2009. If there’s one lesson to be learned here, it’s to be extra careful with the information you expose online and thoughtful about the passwords and security questions you use to protect your accounts.