Report: Email Accounts Hacked Using ‘Social Engineering’ Tactics

According to reports, a teenager managed to hack into the personal email accounts of both the Director of the Central Intelligence Agency (CIA) and the head of the Department of Homeland Security (DHS) using what are being called "social engineering" tactics.

The New York Post interviewed the alleged hacker by phone after they said the hacker called the newspaper to brag about his exploits, with the hacker disguising his voice.

The hacker said he accessed CIA Director John Brennan's 47-page application for the top security clearance needed for his job, which Brennan had attached to an outgoing email, though reports indicate it does not appear any classified information was accessed.

How the hacker says he accessed the email accounts is interesting, and rather frightening.

Get LifeLock protection now.

The hacker told the New York Post he used personal information about Brennan and DHS Secretary Jeh Johnson collected from various public websites to "personalize attacks" on their email accounts, CNN explained.

In Brennan's case, the hacker said he used information about Brennan he had gathered to trick a Verizon employee at a call center into giving him Brennan's account information, which he then used to have a password reset request sent to him.

In the case of Johnson, the hacker bragged to the New York Post that he had used similar methods to listen to Johnson's office voicemails, and to post part of a Comcast bill of Johnson's to the Internet. The hacker also claims to have prank-called Johnson several times, reciting his Social Security number to him when he answered.

The accounts have since been disabled, CNN said.

Social engineering is a dangerous form of hacking that is gaining in popularity, particularly as social media becomes more widely used across the globe. People who tend to use social media sites like Facebook and Instagram often give away much more information about themselves and their friends and family than they realize, making it easy for hackers to be able to "fill in the blanks" and gain access to sensitive facets of their identities.

For example, CNN reported that in 2008, hackers were able to access the email account of then-Alaskan governor and vice-presidential candidate Sarah Palin by social engineering and then using information about her they gathered to guess the answers to her password security questions, such as her birth date and home zip code.

In other cases, cybersecurity experts say hackers will create fake social media accounts on sites like Facebook, and LinkedIn — where people are more likely to accept connection requests from people they don't know in order to network for business purposes — to gain access to victims' profiles, allowing them to gather personal information on them for nefarious purposes.

Johnson's and Brennan's hacker said he did what he did in order to shame the two U.S. officials. He said he is an American student who disapproves of the U.S. government's financial support of Israel and the fight against Palestine.

While limiting the information you post online could help reduce your risk of being hacked, what if your personal information is already out there?

LifeLock's Privacy Monitor could help keep your information private.

4 Million Members and Counting


"I almost lost my job because someone used my driver’s license and received 8 violations."
- Casey S.


"All of my personal information, even my social security card, was taken."- Jamie A.

It only takes minutes to sign up.

Start Your Membership