Software // Enterprise Applications
News
9/4/2007
01:37 PM
Connect Directly
RSS
E-Mail
50%
50%

Researcher Purposefully Posts 100 Government E-Mail Addresses And Passwords

Those exposed include accounts to the Kazakhstan Embassy in Russia, the Hong Kong Human Rights Monitor, and the Office of the Dalai Lama.

A security researcher in Sweden published the addresses and passwords for about 100 government and embassy e-mail accounts, to "put light" on serious security problems.

Dan Egerstad, the researcher behind the DErangedSecurity blog, posted the e-mail account information late last week. The listing supposedly includes e-mail addresses and related information for the Kazakhstan Embassy in Russia, the Uzbekistan Embassy in Dubai, the Hong Kong Human Rights Monitor, and the Office of the Dalai Lama.

"Yes, it's the real deal and still working when we are posting this," Egerstad wrote in the blog entry. "So why in the world would anyone publish this kind of information? Because seriously, I'm not going to call the president of Iran and tell him that I got access to all their embassies. I'm DEranged, not suicidal!"

Egerstad went on to say in his blog that he hopes publishing the information will shed some light on security issues that generally don't get discussed and that it will push the various governments to fix the problems faster than normal.

"Here is everything you need to read classified e-mail and (expletive) up some serious international business," he added. "It's only a matter of time until someone else gets the same information. Or wait, does someone else have this already? For how long have they had it? What are they doing with it?... I would like to remind everyone that using ANY of this is a serious crime and I trust that nothing here will be used, ever!"

The blogger's move to release the information got mixed reviews from readers leaving comments. As of early Tuesday afternoon, there were 315 responses.

One reader, calling herself Anna, simply wrote, "great job dude."

Another reader, calling himself Saviour, took an alternative view, writing, "u stupid, u r putting our security at risk... this is not fair for any sensible mind to do such kind of henious act... u r encouraging crime in the society and playing with the lives of 100 of millions of people... by putting their countries' key installations' passwords on the net... this can have grave consequences for our national security."

And a reader identifying himself as Wakeupcall, wrote, "I hope this is a kind of wakeupcall to everyone out there. I think this is just a glimpse of how careless Companies, Organisations etc. are and the fact, that most of the passwords still have not been changed is a good example of stupidity."

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - September 10, 2014
A high-scale relational database? NoSQL database? Hadoop? Event-processing technology? When it comes to big data, one size doesn't fit all. Here's how to decide.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.