By Michael D. Shear and Karl Vick
Washington Post Staff Writers
Thursday, September 18, 2008
A group of computer hackers said yesterday that they had accessed a Yahoo e-mail account of Alaska Gov. Sarah Palin, the Republican vice presidential nominee, publishing some of her private communications to expose what appeared to be her use of a personal account for government business.
The hackers posted what they said were personal photos, the contents of several messages, the subject lines of dozens of e-mails and Palin's e-mail contact list on a site called Wikileaks.org. That site said it received the electronic files from a group identifying itself only as "Anonymous."
"At around midnight last night some members affiliated with the group gained access to governor Palin's email account, 'email@example.com' and handed over the contents to the government sunshine site Wikileaks.org," said a message on the site.
Rick Davis, the campaign manager for Republican presidential nominee John McCain, issued a statement yesterday afternoon condemning the incident.
"This is a shocking invasion of the Governor's privacy and a violation of law," he said. "The matter has been turned over to the appropriate authorities and we hope that anyone in possession of these e-mails will destroy them. We will have no further comment."
The episode focuses attention on Palin's use of her personal e-mail account as lawmakers in Alaska look into whether she fired the state's public safety commissioner, Walter Monegan, because he refused to take action against her brother-in-law, a state trooper at the time.
Palin has been criticized in recent days for using a personal e-mail account to conduct state business. An Alaska activist has filed a Freedom of Information Act request seeking disclosure of e-mails from another Yahoo account Palin used, firstname.lastname@example.org.
That account appears to have been linked to the one that was hacked.
Both accounts appear to have been deactivated. E-mails sent to them yesterday were returned as undeliverable.
Andrée McLeod, who filed the FOIA request, said yesterday evening that Palin should have known better than to conduct state business using an unsecured e-mail account.
"If this woman is so careless as to conduct state business on a private e-mail account that has been hacked into, what in the world is she going to do when she has access to information that is vital to our national security interests?" she asked.
McLeod's Anchorage attorney, Donald C. Mitchell, said Palin declined to comply with a public records request in June to divulge 1,100 e-mails sent to and from her personal accounts, citing executive privilege.
"There's a reason the governor should be using her own official e-mail channels, because of security and encryption," the attorney said. "She's running state business out of Yahoo?"
McCain officials did not return calls and e-mails seeking further comment on the hacking and McLeod's remarks.
The images of the Yahoo inbox posted by hackers are stippled with the names of Palin aides using both official and private e-mail addresses.
Among the e-mails released as part of the records request in June were several from Ivy Frye, an aide, asking a state official whether private e-mail accounts and messages sent to BlackBerry devices are immune to subpoena, then reporting the answer to the governor and her husband, Todd, who also uses a Yahoo e-mail address.
One referenced "Draft letter to Governor Schwarzenegger/Container Tax" and another said "DPS Personnel and Budget Issues," an apparent reference to the Alaska Department of Public Safety.
Michael Allison, chief executive of the Internet Crimes Group, a private company specializing in Internet security, said the hackers may have accessed Palin's account by using publicly available information to guess her password, or by using a small program called a trojan to capture her keystrokes.
"I would hope the authorities would be all over this," Allison said. "The only deterrent is that people know the certainty of being caught."