The Sarah Palin email hack occurred on September 16, 2008, during the 2008 United States presidential election campaign when vice presidential candidate Sarah Palin's personal Yahoo! email account was subjected to unauthorized access. The hacker, David Kernell, obtained access to Palin's account by looking up biographical details, such as her high school and birthdate, and using Yahoo!'s account recovery for forgotten passwords. [1] Kernell then posted several pages of Palin's email on 4chan's /b/ board. Kernell, who at the time of the offense was a 20-year-old college student, was the son of longtime Democratic state representative Mike Kernell of Memphis.
Kernell was charged in October 2008 in federal court. After he was led into the court in leg irons and handcuffs, the judge released him on his own recognizance, pending trial. [2] [3] The incident was ultimately prosecuted in a U.S. federal court as four felony crimes punishable by up to 50 years in federal prison. [4] [5] The charges were three felonies: identity theft, wire fraud, and anticipatory obstruction of justice; and one optional as felony or misdemeanor: intentionally accessing an account without authorization. Kernell pleaded not guilty to all counts.
A jury trial, featuring testimony of Sarah and Bristol Palin, as well as of 4chan founder Christopher Poole, [6] began on April 20, 2010. [4] The jury found Kernell guilty on two counts: the felony of anticipatory obstruction of justice and the misdemeanor of unauthorized access to a computer. [7] [8] On her Facebook page, Sarah Palin stated that she and her family were thankful the jury had rendered a just verdict. [9]
Kernell was sentenced on November 12, 2010, to one year plus a day in federal custody, [10] followed by three years of supervised release. [10] The sentencing judge recommended that the custody be served in a halfway house, [10] but the Federal Bureau of Prisons sent him instead to a minimum security prison. [11] [12] He was released on November 23, 2011. [13] In January 2012, the United States Court of Appeals for the Sixth Circuit found Kernell's awareness of a possible future FBI investigation was enough to uphold a conviction on obstruction of justice. [14]
Shortly after midnight on September 16, 2008, [5] the private Yahoo! Mail account of Sarah Palin was cracked by a 4chan user. [5] The hacker, known as "Rubico", claimed he had read Palin's personal e-mails because he was looking for something that "would derail her campaign." [5] [15]
After reading through Palin's emails, Rubico wrote, "There was nothing there, nothing incriminating — all I saw was personal stuff, some clerical stuff from when she was governor." [5] [15] Rubico wrote that he used the Sarah Palin Wikipedia article to find Palin's birth date (one of the standard security questions used by Yahoo! [16] ) in "15 seconds." The hacker posted the account's password on /b/, an image board on 4chan, and screenshots from within the account to WikiLeaks. [17] A /b/ user then logged in and changed the password, posting a screenshot of his sending an email to a friend of Palin's informing her of the new password on the /b/ thread. This man was criticized heavily by the /b/ community, for being a "white knight". However, he did not blank out the password in the screenshot. [18] A multitude of /b/ users then attempted to log in with the new password, and the account was automatically locked out by Yahoo!. The incident was criticized by some /b/ users, one of whom complained that "seriously, /b/. We could have changed history and failed, epically." [19] The hacker admitted he was worried about being caught, writing "Yes I was behind a proxy, only one, if this sh*t ever got to the FBI I was f**ked, I panicked, I still wanted the stuff out there ... so I posted the [information] ... and then promptly deleted everything, and unplugged my internet and just sat there in a comatose state." [16]
The hacker left behind traces of his activity. His IP address was logged at the proxy he used, CTunnel.com, and he also left his email address rubico10@yahoo.com
when he posted at 4chan. Furthermore, the attacker revealed the original web address used by the proxy [20] by leaving this information in the screenshot which according to experts can also help the investigation. [20] 4chan's /b/ board is not archived, and posts are only retained for a short time. However, with the great interest surrounding the posts of Rubico, many, including the magazine Wired, archived the original posts. [21] The email address left behind was then connected to David Kernell through various social networking profiles where it was used, [22] though no official investigation took place at this time.
John McCain's campaign condemned the incident, saying it was a "shocking invasion of the governor's privacy and a violation of law". [20] Barack Obama's spokesman Bill Burton called the hacking "outrageous". [16]
The FBI and Secret Service began investigating the incident and on September 20, it was revealed that they were questioning David Kernell, a 20-year-old economics student at the University of Tennessee and the son of Democratic Tennessee State Representative Mike Kernell from Memphis. [23] [24] [25] [26] The handle used by the hacker when making his post at 4chan pointed to him, although this evidence was inconclusive because of the frequent pranks pulled at that board. [27] The hacker's proxy service provided its logs, which pointed to Kernell's residence. [24] [27]
FBI agents served a federal search warrant at David Kernell's apartment in Knoxville. [28] Agents spent two hours taking pictures of everything inside his apartment. [28] Kernell's three roommates were also subpoenaed and expected to testify the following week in Chattanooga. [29] The obstruction of justice charge stems from an allegation by the FBI that Kernell attempted to erase evidence of the crime from his hard drive. [30] Kernell's father told Wired that he was aware that his son was a suspect, but he did not ask him anything about it over concerns that he may have to testify in court. [31]
A second federal grand jury in Knoxville returned an indictment of Kernell on October 7, 2008. [32] He was charged with violating and § 2701, or unlawful access to stored communications and intentionally accessing a computer without authorization across state lines, respectively. [33] Kernell turned himself in the next day. [34] Kernell pleaded not guilty. [35] The court released Kernell on his own recognizance. [36] Kernell's attorney claimed that using "an e-mail address and a birth date does not constitute identity theft"; however, the court rejected that argument saying "once Governor Palin chose the Yahoo! ID gov.palin@yahoo.com
, that became her unique address, and no one else could choose it."[ citation needed ]
In October 2008, Kernell was brought into court in handcuffs and ankle shackles to plead not guilty to the hacking and was released on bond. The case went to trial eighteen months later, on April 20, 2010. On April 23, Sarah Palin testified for 44 minutes. Her daughter, Bristol, testified as well. Following the conclusion of testimony, Sarah said, "I think there need to be consequences for bad behavior." [37]
On April 30, 2010, David Kernell was found guilty on two of four counts: the felony of anticipatory obstruction of justice by destruction of records and found for the lower misdemeanor option of unauthorized access to a computer. The jury acquitted him of the charge of wire fraud. It was deadlocked on identity theft charge, so the judge declared a mistrial on that charge. [38] In response, Palin issued a press release comparing the case to Watergate. [39]
Sarah Palin said the family was "thankful that the jury thoroughly and carefully weighed the evidence and issued a just verdict." [40]
The prosecutor, Assistant U.S. Attorney Greg Weddle, who had sought an 18-month prison sentence for Kernell, promised a retrial on the identity theft charge should he be successful in his attempt at receiving a new trial. [38]
In November 2010, Kernell was sentenced to a year and a day of prison, preferably to be served in a halfway house, plus three years of probation, by U.S. District Judge Thomas Phillips, though he noted the Federal Bureau of Prisons (BOP) could override his recommendations. [41] [10] However, the BOP, which makes the ultimate determination as to where federal prisoners serve their sentence, assigned Kernell to the minimum security prison at the Federal Correctional Institution, Ashland near Ashland, Kentucky. [11] [12] [42] Jose Santana, the chief of the BOP's Designation and Sentence Computation Center, [43] said that halfway houses are for convicts who have limited skills and/or limited support from their families. Because Kernell had the support of his family and had attended a university for three years, Santana argued that he does not need to be in a halfway house. [44] Kernell was later relocated to a halfway house. [45]
David Christopher Kernell was the son of longtime Democratic state representative Mike Kernell of Memphis.
Kernell won the Tennessee Open Scholastic Chess Championship in 2004, and graduated in 2006 from Germantown High School. After release from BOP custody, he returned to the University of Tennessee, Knoxville to finish an economics degree. He first volunteered his programming skills to Tennessee Voices for Children, a child advocacy nonprofit group. [46] Diagnosed with multiple sclerosis (MS) in 2014, Kernell participated in clinical research trials at the Cedars-Sinai Neurosciences Research Center in Los Angeles to help develop cures and treatments for other victims of MS. After moving to California, he developed facial recognition software that could identify children at risk of abuse.
Kernell died on February 2, 2018, in Newport Beach, California, at the age of 30, from complications related to progressive MS. [47] [48]
Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim navigates the site, and transverses any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Center reporting more incidents of phishing than any other type of cybercrime.
Yahoo! Mail is an email service offered by the American company Yahoo, Inc. The service is free for personal use, with an optional monthly fee for additional features. Business email was previously available with the Yahoo! Small Business brand, before it transitioned to Verizon Small Business Essentials in early 2022. Launched on October 8, 1997, as of January 2020, Yahoo! Mail has 225 million users.
Strategic Forecasting Inc., commonly known as Stratfor, is an American strategic intelligence publishing company founded in 1996. Stratfor's business model is to provide individual and enterprise subscriptions to Stratfor Worldview, its online publication, and to perform intelligence gathering for corporate clients. The focus of Stratfor's content is security issues and analyzing geopolitical risk.
4chan is an anonymous English-language imageboard website. Launched by Christopher "moot" Poole in October 2003, the site hosts boards dedicated to a wide variety of topics, from video games and television to literature, cooking, weapons, music, history, technology, anime, physical fitness, politics, and sports, among others. Registration is not available, except for staff, and users typically post anonymously. As of 2022, 4chan receives more than 22 million unique monthly visitors, of whom approximately half are from the United States.
Anonymous is a decentralized international activist and hacktivist collective and movement primarily known for its various cyberattacks against several governments, government institutions and government agencies, corporations and the Church of Scientology.
Christopher Poole, also known online as moot, is an American Internet entrepreneur and developer. He founded the anonymous English-language imageboard 4chan in October 2003, when he was still a teenager; he served as the site's head administrator until January 2015. He also founded the online community Canvas, active from 2011 to 2014. Poole was hired by Google in 2016 to work on the Google+ social network and as a product manager. He left the company in 2021.
Michael L. Kernell is an American politician who served as a member of the Tennessee House of Representatives from 1975 to 2013.
Andrew Alan Escher Auernheimer, best known by his pseudonym weev, is an American computer hacker and professional Internet troll. Affiliated with the alt-right, he has been described as a neo-Nazi, white supremacist, and antisemitic conspiracy theorist. He has used many aliases when he has contacted the media, but most sources state that his real first name is Andrew.
Operation Payback was a coordinated, decentralized group of attacks on high-profile opponents of Internet piracy by Internet activists using the "Anonymous" moniker. Operation Payback started as retaliation to distributed denial of service (DDoS) attacks on torrent sites; piracy proponents then decided to launch DDoS attacks on piracy opponents. The initial reaction snowballed into a wave of attacks on major pro-copyright and anti-piracy organizations, law firms, and individuals. The Motion Picture Association of America, the Pirate Party UK and United States Pirate Party criticised the attacks.
The Federal Correctional Institution, Ashland is a low-security United States federal prison for male inmates in the unincorporated area of Summit in Boyd County, Kentucky, approximately 5 miles (8.0 km) outside the city of Ashland. It is operated by the Federal Bureau of Prisons, a division of the United States Department of Justice. It also includes a satellite prison camp for minimum-security male offenders.
Anonymous is a decentralised virtual community. They are commonly referred to as an internet-based collective of hacktivists whose goals, like its organization, are decentralized. Anonymous seeks mass awareness and revolution against what the organization perceives as corrupt entities, while attempting to maintain anonymity. Anonymous has had a hacktivist impact. This is a timeline of activities reported to be carried out by the group.
Email hacking is the unauthorized access to, or manipulation of, an account or email correspondence.
The 2012 LinkedIn hack refers to the computer hacking of LinkedIn on June 5, 2012. Passwords for nearly 6.5 million user accounts were stolen. Yevgeniy Nikulin was convicted of the crime and sentenced to 88 months in prison.
We Are Legion: The Story of the Hacktivists is a 2012 documentary film about the workings and beliefs of the self-described "hacktivist" collective, Anonymous.
Marcel Lehel Lazăr, known as Guccifer, is a Romanian hacker responsible for high-level computer security breaches in the U.S. and Romania. Lazăr targeted celebrities, Romanian and U.S. government officials, and other prominent persons.
Matt Paul DeHart is an American citizen and former U.S. Air National Guard intelligence analyst and a registered sex offender. He has made several unconfirmed claims, including that he received classified documents alleging the CIA was involved in the 2001 anthrax attacks in the United States and that the government used child pornography charges to frame him for possession of state secrets.
On August 31, 2014, a collection of nearly five hundred private pictures of various celebrities, mostly women, with many containing nudity, were posted on the imageboard 4chan, and swiftly disseminated by other users on websites and social networks such as Imgur and Reddit. The leak was dubbed "The Fappening" or "Celebgate" by the public. The images were initially believed to have been obtained via a breach of Apple's cloud services suite iCloud, or a security issue in the iCloud API which allowed them to make unlimited attempts at guessing victims' passwords. Apple claimed in a press release that access was gained via spear phishing attacks.
In 2013 and 2014, the American web services company Yahoo was subjected to two of the largest data breaches on record. Although Yahoo was aware, neither breach was revealed publicly until September 2016.
Joshua Adam Schulte is a former Central Intelligence Agency (CIA) employee who was convicted of leaking classified documents to WikiLeaks. WikiLeaks published the documents as Vault 7, which The New York Times called "the largest loss of classified documents in the agency's history and a huge embarrassment for C.I.A. officials." After his conviction, the Department of Justice called it "one of the most brazen and damaging acts of espionage in American history."
Yevgeniy Alexandrovich Nikulin is a Russian computer hacker. He was arrested in Prague in October 2016, and was charged with the hacking and data theft of several U.S. technology companies. In September 2020, he was sentenced to 88 months in prison.
Release date, actual or projected 11-23-11