Palin email intruder indicted, faces up to five years in prison

By

A 20-year-old Tennessee man has been indicted on charges he accessed GOP vice presidential candidate Sarah Palin's Yahoo email account without permission.


Updated on Wednesday, Oct. 8 at 3:11 p.m. EST

A 20-year-old University of Tennessee student was indicted Tuesday on charges he broke into Republican vice presidential candidate Sarah Palin's email account -- and then publicly posted some of the contents -- without permission.

David Kernell, 20, of Knoxville, Tenn., is accused of exploiting Yahoo's password recovery tool to crack the password for Palin's account, the U.S. Department of Justice said Wednesday. He also tried to hide his tracks by enlisting the help of a web proxy service.

According to the indictment, Kernell -- who used the online alias "rubico" and "rubico10" -- reset the password to "popcorn" by correctly answering a number of personal questions that Palin had created to recover her password should she forget it.

These included her birthday, zip code and where she met her husband, Todd. Kernell, in a personal account he posted to an internet forum, said he used simple Google searches to determine the responses.

Authorities said Kernell, once he reset the password, accessed the account, where he read the contents -- which included photos and contact information -- and made screenshots of a number of emails. He posted several of the messages to whistleblower website Wikileaks, which were picked up by several other news sources.

Kernell also posted the new password to the 4chan forum, authorities said. At least one other person used the code to access Palin's account.

If convicted, Kernell, the son of Democratic Tennessee state Rep. Mike Kernell, faces up to five years in prison and a US$250,000 fine. The elder Kernell has said he had no involvement in the incident, according to published reports.

No trial date was scheduled.

Kernell's attorney did not immediately respond to a request from SCMagazineUS.com for comment.

Kelley Benander, a Yahoo spokeswoman, declined to comment on the case. Asked by SCMagazineUS.com whether Yahoo has made any changes to its password recovery service since the Palin incident, she said the company is continually working to enhance security processes.

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
alaskaemailindictedpalinprisonsarahsecurity

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?