Re: [ISN] Prosecutor resigns over hacked PC

From: InfoSec News (isn@private)
Date: Fri Oct 15 2004 - 03:28:45 PDT


Forwarded from: Jan Meijer <jan.meijer@private>

Hi,

Couple of small clarifications:

On Thu, 14 Oct 2004, InfoSec News wrote:

> http://www.theregister.co.uk/2004/10/13/dutch_prosecutor_hacked/
>
> By Jan Libbenga
> 13th October 2004
>
> A leading Dutch prosecuter resigned yesterday after hackers entered
> his mail box and revealed yet another classified letter addressed to
> the public prosecutor's office.
>
> This was the second security lapse in recent days for Joost Tonino,
> a specialist prosecutor in white collar crime. Just last week Tonino
> was left red faced after it emerged he had put his old PC out with
> the trash. The hard disk, which should have been destroyed,
> contained hundreds of pages of confidential information about high
> profile cases, as well as his credit card number, social security
> number and personal tax files.

A social security number in .nl doesn't get you as much profit as I
believe it does in .us.

> A taxi driver who discovered the PC decided to sell the information
> to a Dutch TV crime reporter, who last week revealed on Dutch
> television what was on the hard disk. The reporter also managed to
> open his email

It's nicer then that.  The taxi driver tried to sell it to the local
Amsterdam TV station AT5.  The chief editor of the local news program
refused it.  Rumour goes this was because his wife holds a position
(what I forgot :( at the same court Tonino worked.

After he saw there was no money in it the taxi driver went to the
crime reporter.  The other editors at the local TV station now want
their chief to leave.....

> box. Although Tonino changed his password immediately after this
> painful incident, Dutch hackers were able to get access his mail box
> and published yet another letter by Tonino on a Dutch weblog. In
> this letter Tonino downplayed the importance of the information
> found on his PC, claiming "it was material of little importance".

His email-account was hacked.  Which is illegal.  And will be
prosecuted.  One still wonders why a prosecutor has a private email
account that is easy to hack according to the kiddies, why proper
security measures were not used on his home PC and why he uses his
private emailaccount for work related matters (one can guess, this is
probably due to prohibitive security measures at his workaccount
preventing him from being productive....).

Jan

-- 
http://www.surfnet.nl/organisatie/jame



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Fri Oct 15 2004 - 04:42:50 PDT