Here’s more from Foreign Policy:
Fervently pro-Palestine, pot-smoking, teenage hacker claims to have hacked the AOL email account of CIA Director John Brennan.
The hacker in question, who goes by the moniker “cracka,” is a member of the hacker collective “Crackas With Attitude,” which appears to include at least one other member, who calls himself “cubed.” Media accounts about the alleged hack have so far focused on cracka’s role, but he told Foreign Policy via Twitter that the operation was very much the work of the collective. The hackers claim to have gotten into Brennan’s email by duping Verizon into providing them with the CIA chief’s personal information, which was then used to reset his AOL password.
Cracka has claimed that he has found a copy of Brennan’s application for a security clearance.
The hackers have so far posted what they claim to be a list of Brennan’s email contacts and a list of high-level government employees, along with their Social Security numbers and other personal information. That list of government employees includes Homeland Security Secretary Jeh Johnson. A Twitter account — since suspended — purporting to belong to the hacking collective posted what was describedas a call log for Deputy National Security Advisor Avril Haines.
Johnson, the DHS secretary, appears to have been heavily targeted by the hackers. Cracka claimed he infiltrated Johnson’s Comcast account andposted the message “Stop Wars” on his home television screen. He has also posted detailed information on Johnson’s family, including the address of his Georgetown home, his wife’s name and phone number, and the identity of his son’s girlfriend.
And here’s more from Wired:
A HACKER WHO claims to have broken into the AOL account of CIA Director John Brennan says he obtained access by posing as a Verizon worker to trick another employee into revealing the spy chief’s personal information.
Using information like the four digits of Brennan’s bank card, which Verizon easily relinquished, the hacker and his associates were able to reset the password on Brennan’s AOL account repeatedly as the spy chief fought to regain control of it.
The documents they accessed included the sensitive 47-page SF-86 application that Brennan had filled out to obtain his top-secret government security clearance. Millions of SF86 applications were obtained recently by hackers who broke into networks belonging to the Office of Personnel Management. The applications, which are used by the government to conduct a background check, contain a wealth of sensitive data not only about workers seeking security clearance, but also about their friends, spouses and other family members. They also include criminal history, psychological records and information about past drug use as well as potentially sensitive information about the applicant’s interactions with foreign nationals—information that can be used against those nationals in their own country.
“[W]e told them we work for Verizon and we have a customer on scheduled callback,” he told WIRED. The caller told Verizon that he was unable to access Verizon’s customer database on his own because “our tools were down.”
After providing the Verizon employee with a fabricated employee Vcode—a unique code the he says Verizon assigns employees—they got the information they were seeking. This included Brennan’s account number, his four-digit PIN, the backup mobile number on the account, Brennan’s AOL email address and the last four digits on his bank card.
“[A]fter getting that info, we called AOL and said we were locked out of our AOL account,” he said. “They asked security questions like the last 4 on [the bank] card and we got that from Verizon so we told them that and they reset the password.” AOL also asked for the name and phone number associated with the account, all of which the hackers had obtained from Verizon.
On October 12, they gained access to Brennan’s email account, where they read several dozen emails, some of them that Brennan had forwarded from his government work address and that contained attachments. The hacker provided WIRED with both Brenann’s AOL address and the White House work address used to forward email to that account.
So they called Brennan’s mobile number, using VoIP, and told him he’d been hacked. The conversation was brief.
“[I]t was like ‘Hey,…. its CWA.’ He was like ‘What do you want?’ We said ‘2 trillion dollars hahhaa, just joking,’” the hacker recounted to WIRED.
Brennan, the hacker says, replied, “How much do you really want?”
They told Brennan “We just want Palestine to be free and for you to stop killing innocent people.”