Authorities are investigating alleged hacks of CIA Director John Brennan's personal AOL email account and Department of Homeland Security Secretary Jeh Johnson's Comcast account. On Monday, the New York Post published details from an interview with the supposed hacker, who claims to be a male American high-school student "who is not Muslim."
The hacker, who says he accessed the accounts Oct. 12 and has not been named, has been posting redacted screenshots and documents on the Twitter handle @phphax. The account references the hashtag #FreePalestine and includes the Muslim Shahada creed in its bio. A tweet from the account notes that "this [hack] wasn't just me, it was all of #CWA." The hacker told the Post that CWA stands for “Crackas With Attitude,” a duo comprised of himself and a friend from school.
The hacker claims to have accessed CIA Director Brennan's 47-page security clearance application, along with documents that included Social Security numbers and personal information about more than 10 CIA officials. The Post reports that the documents were attached to about 40 emails in the AOL account. The hacker also accessed Homeland Security Secretary Johnson's Comcast account and claims to have listened to his voicemails.
"John and Jeh are both very big people and high-ranking people, so, I mean, if we hacked them, they would be ashamed," the hacker told CNN. "But it was really because the government are killing innocent people, they also fund (Israel) for killing innocent people."
The hacker told CNN on Monday afternoon that law enforcement had not contacted him yet. @phphax tweeted last week, "If i go quiet on this account, the CIA losers have found me and I'm being tortured by their stupid methods of ruining a guys thoughts." The FBI and Secret Service are investigating the situation. The hacker claims that he infiltrated the accounts through “social engineering.” For example, he tricked AOL into resetting Brennan's password.
After months of news about the Hillary Clinton personal email account scandal, it seems almost inevitable that government officials would start to experience hacks. And a standard AOL account is not the right place to store sensitive personnel data. On the other hand, getting a landline from Comcast is pretty understandable. More and more, any type of mainstream consumer account is a cybersecurity risk for a public figure.
In an April Slate post I wrote, "the source of the [cybersecurity] problem might be a lot closer to home. Is anyone looking at the teens?" Nailed it.