Daily cyber threats and internet security news: network security, online safety and latest security alerts
September 17th, 2008

Hackers Hijack Sarah Palin’s Yahoo Account, E-mails Published Online

Members of Anonymous, a hackers activist group, have apparently hacked into a Yahoo! email account belonging to Alaska governor and Republican vice presidential candidate Sarah Palin.

According to Wikileaks, “activists loosely affiliated” with Anonymous somehow gained access to the account at around midnight Tuesday the 16th of September (EST). Screenshots of emails purportedly lifted from this account – which carries the address “[email protected]” – were then passed to Wikileaks.

One of the screens shows an email from Amy McCorkell, a member of Governor Palin’s Advisory Board on Alcoholism and Drug Abuse, and according to, McCorkell has confirmed the note’s authenticity. Following the release of this story, both Sarah Palin’s better known account [email protected] and the [email protected] account have been suspended or deleted as revealed by a test email sent to these addresses by Wikileaks. Although the reasons for the deletion of both accounts can not not yet be established, one interpretation is that Palin is trying to destroy her email records.

Other screens show the account’s inbox and contact list as well as an email from Palin to Alaska Lieutenant Governor Sean Parnell. Another screen posted to Wikileaks shows an email from an Anonymous activist to Palin aide Ivy Frye, warning her that the account was hacked. “Dear Ivy,” the email reads. “You don’t know me but I am part of an internet group called anonymous. This email was hacked by anonymous, but I took no part in that. I simply got the password back and changed it so no further damage could be done.” The email then shares the new password and asks that it be passed on to Palin.

It’s unclear how the account was accessed. “There are four possible means I can think of,” Adam J. O’Donnell, senior research scientist at messaging security outfit Cloudmark, tells The Reg. “But there’s not enough information to do anything more than guess.” Judging from the fact that Palin’s address was recently made public, it’s likely the account was hacked with nothing more than ordinary password guessing.

Wikileaks said it may release additional e-mails should they prove be of political substance.

In case you think you might be a target, here are a few tips for email box safety:

Check your emails only from computers you trust.

Use complex, difficult to guess passwords.

Carefully examine the password reset policy used by the webmail system.

Get your mail to your local system and erase the messages from the server.

Share this item with others:

More on CyberInsecure:
  • FoxNews Commentator`s Website Hacked, Subscribers Personal Details Published
  • Cross-site Scripting Vulnerability On Yahoo’s HotJobs Site Exposes Yahoo Accounts
  • Twitter’s Administrator Panel Hacked (Again)
  • Yahoo! Marketing Hit By Phishers, Phished Accounts Lead To Malvertising And Malware Distribution
  • Hackers Hijack ICANN And IANA’s Domains

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Hackers Hijack Sarah Palin’s Yahoo Account, E-mails Published Online

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.