FBI searches apartment of suspected Sarah Palin hacker

Filed Under: Data loss, Law & order

Early yesterday, the FBI served a search warrant at the apartment of a university student widely suspected of being involved in the Sarah Palin email hack.

According to reports, early on Sunday morning FBI agents arrived at 20-year-old David Kernell's apartment in the city of Knoxville, Tennessee, interrupting a student party.

Kernell, who is studying at the University of Tennessee, and the son of state democratic representative Mike Kernell, has been widely named across the internet as being potentially linked to the hacking.

Internet postings quoted in the media at the tail end of last week, which claimed to be from the hacker, said that breaking into the vice-presidential candidate's Yahoo account was child's play.

How Sarah Palin's email address was hacked

It appears that Sarah Palin compromised her account's security by choosing her "secret questions" to be her date of birth, her postal code, and information about where she met her husband. The alleged hacker, who called himself Rubico, claimed that he was able to find this information out quickly by using Google and Wikipedia.

This revelation underlines the point I made in the video I published last week: "Paris Hilton & Sarah Palin: What's the connection?". In that video I showed that Palin was far from the first figure in the public eye to have had her emails exposed by a hacker, and that being foolish with "secret questions/answers" can leave a door open for hackers to gain access. The video also gives some tips about how you can better protect your own web email accounts.

Too many people are compromising their password security by being careless in their use of "secret questions". By using "secret answers" that aren't really secret at all, but can be found out by anybody who has an internet account you are leaving yourself open to a hacker attack.

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.