Romney tax returns allegedly hacked, supposedly held for $1 million ransom

Filed Under: Data loss, Featured, Law & order

Mitt Romney, image from TwitterA team of burglars allegedly broke into a Tennessee PricewaterhouseCoopers office on August 25 and made off with US presidential Republican nominee Mitt Romney's tax returns.

The hackers are supposedly holding the returns for $1 million ransom and have maybe copied the documents onto flash drives, possibly stuck the drives into manila envelopes with handwritten, magic-marker lettering, which they then perhaps slid through the slot in Democrats' and PwC's office doors - if, in fact, any of it happened at all.

The original claim, as posted on Pastebin on Sunday, promises that the thieves will release the files to the public later this month:

Romney's 1040 tax returns were taken from the PWC office 8/25/2012 by gaining access to the third floor via a gentleman working on the 3rd floor of the building. Once on the 3rd floor, the team moved down the stairs to the 2nd floor and setup shop in an empty office room. During the night, suite 260 was entered, and all available 1040 tax forms for Romney were copied. A package was sent to the PWC on suite 260 with a flash drive containing a copy of the 1040 files, plus copies were sent to the Democratic office in the county and copies were sent to the GOP office in the county at the beginning of the week also containing flash drives with copies of Romney's tax returns before 2010. A scanned signature image for Mitt Romney from the 1040 forms were scanned and included with the packages, taken from earlier 1040 tax forms gathered and stored on the flash drives.

The group will release all available files to the public on the 28 of September, 2012

As this was said anonymously, it could be about as factual as an Anonymous-branded claim earlier this week that 12 million iPhone and iPad device IDs had been hacked from an FBI agent's laptop.

And just how factual was that Anonymous claim?

In the FBI's own, fully capitalized, Tweeted words, "TOTALLY FALSE".

What we do know for sure: the Secret Service agency is investigating the matter.

BitcoinsSecret Service spokesman George Ogilvie told CNET that the agency is investigating and had no further comment. There'd been no updates when I called Ogilvie on Thursday.

A followup message posted on Tuesday demanded $1,000,000, paid in Bitcoins.

In return, the poster says, the keys to unlock the data

"will be purged and what ever is inside the documents will remain a secret forever."

The followup post also contained details of the supposed heist, claiming that the thieves gained access to network file servers and copied electronic tax documents for Mitt Romney and his wife, Ann Romney, with the help of some type of security flaw that "will probably get [some people] fired".

The author of the post also claimed that major news media outlets will be sent an encrypted copy of the most recent tax years on file.

PwC released a statement saying that it's working closely with the Secret Service but so far has found no evidence that its systems had been compromised or that the tax returns had been accessed by unauthorized parties.

What we also know for sure: CNET reports that Democratic and Republican party offices in Williamson County, Tennessee, where the PwC office is located, did in fact receive thumb drives in packages late last week.

As far as the Democratic party leaders went, they opened the package, found the hackers' message (which was pretty much the same as the original Pastebin post, with the addition of a rubber stamp impression of Romney's signature at the bottom) and the thumb drive, laughed over how rinky-dink the whole thing was, nearly threw it away, but finally decided to hand it over to the Secret Service without trying to find out what was on the thumb drive.

Peter Burr, chairman of the county Democratic Party, told CNET that the party leaders found the package on the floor, dropped through the mail slot, addressed to "Dem Party Ldrs" in thick green marker, when they went to headquarters for an executive committee meeting last Thursday night:

"It was a small, manila envelope with bubble wrap lining. … I opened it and found inside a piece of paper folded into quarters and a black Cruzer 4 gig thumb drive."

"We almost threw the letter away. We passed it around and it drew some laughs."

"We considered this probably a scam and didn't really think much of it until these inquiries began happening today. Obviously, we would have no interest in obtaining information like this from a source like this as the Democratic Party. We're very interested in knowing what Mitt Romney's tax returns look like, but we would only be interested if it came from official sources."

Of course the Democratic party would be very interested indeed to look at Romney's tax returns, but in the meantime, it's gleefully squeezing Romney's tax reticence as evidence that the presidential nominee pays a lower tax rate than middle-class US families.

Mitt Romney, courtesy of spirit of america/ShutterstockOne hates to blame victims of what might turn out to be extortion if these Pastebin claims are true, but it's hard not to see Romney as bringing this whole tax pickle down on his own head.

Romney's father, George Romney, released 12 years worth of tax returns when he ran for president in 1968. Mitt Romney has released only one, nearly complete 2010 return, with his 2011 return due out in October—that's it, no more returns forthcoming.

So he's called attention to the very documents he'd rather people keep their peepers off of.

If he'd just release his taxes, there wouldn't be anything to raise ransoms about, be they real or be they just Pastebin pipedreams.

And regarding the Democratic party leaders' abstinence vis-a-vis plugging in mysterious flash drives: bravo!

It's nice to hear somebody's paying attention to Naked Security's (et al.) advice on USB drives' unhygienic nastiness.

Mitt Romney image courtesy of spirit of america / Shutterstock.com

, , , , ,

You might like

13 Responses to Romney tax returns allegedly hacked, supposedly held for $1 million ransom

  1. Doubter · 778 days ago

    SURE they didnt look at them!

  2. Nigel · 778 days ago

    Ehh - they broke in and physically copied the documents, how on earth do you call simple burglary hacking?

  3. MelbaS · 778 days ago

    Recalls to mind the Watergate burglary during Nixon's administration. That had negative consequences.

  4. Lee · 778 days ago

    Let me see if I got this right. Romney is to blame for the hack because he will not release all of his tax returns so he's brought all of this on himself?

    Since when did your political opinion have any relevance to the security related news that Mitt Romney's tax returns may have been hacked by some juvenile assholes?

    While I am at it Lisa, would you have the same reaction to Obama's sealed school records being hacked or the Fast and Furious documents being hacked and stolen? Would you say that this would not have been an issue if Obama had only released them and that he brought this upon himself?

    My point Lisa is that your political ideology does not belong on this blog, PERIOD. This is a tech blog that I read to keep up with malware and other security related news and it happens to be my favorite one. I do not want your bs political opinions thrown in and the same can probably be said to anyone else who contributes here.

    In other words, keep that **** to yourself.

    • Mike · 774 days ago

      You lost me at 'PERIOD.' Only arrogant people with a sense of entitlement make a point to emphasise this punctuation mark, usually in a belittling and condescending way, in a desperate attempt to strengthen whatever feeble point they were trying to make.

      Your statement is not authoritative, regardless of punctuation. You don't get to decide what belongs on this, or any other blog. But then again, it wouldn't sound as punchy if you said 'I'm somewhat disenchanted with your inclusion of a perceived political bias in a politically relevant news story PERIOD.'

  5. MelbaS · 778 days ago

    Memories of Watergate, anyone?

  6. Hillary · 778 days ago

    Now now Lee...sounds like you're in need of a hug my friend. Did the big O's speach last night make you a wee bit nervous? :-)

  7. TomA · 777 days ago

    Lisa Vaas - release your tax details for the past 12 years so that we can inspect them. Who knows - YOU may have something to hide.

    Don't throw, dirt it has a habit of coming back.

    Now let's see - where did I put that flash drive marked 'Lisa'

  8. SMGreen · 777 days ago

    Full agreement with above comments. As a devoted reader of Naked Security, I've observed how indidual privacy is always of utmost concern... until now, when it clashes with Ms. Vaas' apparent political perspective. I am extremely disappointed; I thought she was a professional tech writer.

  9. Mrs. W · 776 days ago

    Seems to me there ought to be some security takeaways from this, assuming it happened at all:

    1) Many of your threats are on the inside.

    2) Physical security is as important as digital security, and

    3) Digital security doesn't matter a lick if you leave hard copy lying around.

  10. Ted · 776 days ago

    Really, Lisa I am having a hard time swallowing you left wing views on this security blog. I lost my "hope and change" years ago. Get real, both sides suck!

    We need both sides with an equal representation body count and let them hash out stuff that way. Then we will get a more centerest policy as a hole. I am really getting sick of the childish left wingers that seem to be so "child based" and the right wing that could care less about anyone that that has a yearly wage $50,000 and less.

    Both sides suck.

  11. Ellie K · 775 days ago

    This was an entertaining, informative article. It would have been better without the editorial opinions about Mitt Romney's hesitance to release his tax returns. Sometimes the writers on Naked Security express opinions about security-related matters. This is different. It detracts, rather than adding value.

  12. roy jones jr · 771 days ago

    So many sensitive people in the comment sections. Lisa, I encourage you to post as the professional writer you are. She covered all her bases and "added a little something on the end." We're not robots.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.