The personal email account of CIA director John Brennan has reportedly been hacked by a high school student, who told the New York Post that he gained access to sensitive work-related files.
One of these files was supposedly a 47-page application to be granted the top security clearance. US authorities are still investigating the incident.
A statement from the CIA said: "We are aware of the reports that have surfaced on social media and have referred the matter to the appropriate authorities."
Brennan's personal account was also said to contain a government letter regarding the use of “harsh interrogation techniques” on terrorism suspects, as well as personal informtion and Social Security numbers of several US intelligence officials.
The hacker, who has remained anonymous, claimed to have accessed the account using a process called "social engineering," which involved tricking Verizon workers to give up Brennan's personal information and then resetting the password on the CIA director's AOL account.
Robert Hansen, VP of Security at WhiteHat Security commented: "This problem really boils down the the 'consumerisation' of the Internet. That is, employees of companies generally dictate the technology that they end up with, and trying to limit what an employee does really just makes them shift to other means of communication when the primary means are prohibitive. In this case AOL was simply easier for John Brennan to use, and one has to have some empathy for someone in the position he surely is in. However, undoubtedly it was an unwise choice in the long-term and was extremely dangerous.
"The primary means of preventing this are to block access to those providers completely while at work, or alert management when the employee is accessing the service. In this case, the executive in charge was the one doing something dangerous so that technique is limited to employees and generally is not a successful strategy for management.
"Management generally live by different rules, and in this case it proves that those rules while sometimes nice can end up being an enormous liability."
Image source: Shutterstock/bluebay