Insecure email the culprit of hacked FBI-Scotland Yard call?

Sending work documents to a personal email may have been the culprit in this case
Sending work documents to a personal email may have been the culprit in this case

Anonymous has posted a recording of the conference call, which was set up by the FBI with Scotland Yard and other European law enforcement officials, to discus ongoing investigations and prosecution of alleged Anonymous, LulzSec, and Antisec members. The FBI and Scotland Yard have confirmed that the recording is authentic.

The hacktivist group also posted the email sent out by an FBI agent Timothy Lauster to an array of email addresses in the UK, Ireland, France, Germany, and other European countries announcing the Jan. 17 conference call along with the telephone number and access code.

Graham Cluley, senior technology consultant with Sophos, observed: “The assumption has to be that an Anonymous hacker had access to one of the recipients' email accounts, and thus had secret access to the confidential call.”

This is a view shared by Graeme Batsman, director of London-based Data Defender. “Upon analysing how the call was leaked it appears there was a possibility of two options – to get hold of the phone number, username and pin or get hold of the recording (MP3, WAV file). In order to get hold of the call security details you would need to intercept an email or a hack an email account. Getting hold of the recording file would be very similar, to hack into an email.”

The FBI and Scotland Yard said that they are investigating the breach.
 

What’s hot on Infosecurity Magazine?