Home Tags Michelle Obama

Tag: Michelle Obama

Trump admin. delays Obama-era reboot of nutrition label amid industry pressure

Labels made calories per serving and per package clearer, included added sugar count.

Trump admin. rolls back Obama-era nutrition standards for school lunches

Sodium levels, whole grain requirement, and milk options affected by the change.

“Hacked” e-mail account of White House worker exposed in 2013 password...

Enlarge / A photo of First Lady Michelle Obama's passport from a dump of the e-mail of White House contractor Ian Mellul. Mellul's password may have been in a 2013 Adobe user data breach.reader comments 29 Share this story On September 21, a dump of an e-mail account belonging to a White House contractor was posted to the "hacktivist" website DCleaks.com.

This is the same site that already revealed e-mails from former Secretary of State Colin Powell, a Navy captain leading a weapons procurement program, and a public relations person who has done advance work for Hillary Clinton.

The latest victim did advance work for travel by First Lady Michelle Obama and Vice President Joe Biden.

Attributing the leak will be difficult because, as with previous "dumps" published on DCleaks, the compromised account's password information was widely available on the Internet from a previous data breach. An unnamed US intelligence official was quoted by NBC News as calling the leak of contractor Ian Mellul's e-mails "the most damaging compromise of the security of the president of the United States that I've seen in decades"—one caused by the use of an outside personal e-mail account for government business. The e-mails included full scans Mellul had forwarded to himself from a White House e-mail account of passports, including Michelle Obama's. Mellul likely forwarded the e-mails to his Gmail account because he couldn't access White House mail offsite without a secure device. Government sources have described DCleaks.com as being connected to Russian intelligence organizations.

But just about anyone could have gotten into Ian Mellul's e-mail if he was using the same password for his Gmail account that was exposed in a 2013 breach of Adobe user data—just as was Navy Captain Carl Pistole's.

The accounts of Powell and of Sarah Hamilton were both leaked as part of a 2012 breach of Dropbox's user data, according to data from HaveIBeenPwned. The earlier exposure of Mellul's account in the Adobe breach, combined with the rest of the accounts attacked and DCleaks.com's overall digital footprint, makes the attribution of the e-mail exposures much more difficult.

The DCleaks domain was registered through an Australian domain privacy service.

The site itself is hosted by a company in Malaysia and runs on WordPress using a commercial theme called "Stockholm," from the Australian design firm Envato—a fairly out-of-the-box site with its MySQL server ports left open to the Internet. Anyone with the time or money to sift through breached user data for targets connected to the US government could be behind the exposure of the e-mails.

And while DCleaks has particularly targeted Clinton, her husband former President Bill Clinton, the Clinton Foundation, and George Soros' Open Society Foundation in past document dumps—leading to suspicions that someone working on behalf of the Russian government was behind them—plenty of other, less sophisticated "cyber actors" out there might want to dump trash on Obama and Clinton.

As former US Assistant Attorney General Jack Goldsmith said in a panel on the Democratic National Committee breach earlier this week, "The number of actors who could do this are many, and our ability to defend against it is uncertain."

50 CELEBRITY SECRETS EXPOSED scores year behind bars

Man behind exposed.su document dump and swatting rampage jailed The New York man behind a 2014 data dump site exposed.su has been sentenced to a year in prison, plus 12 months for time already served, for doxing high-profile figures including First Lady Michelle Obama, Presidential candidate Donald Trump, and artist Jay Z, and placing dozens of highly-dangerous swatting calls. Mir Islam, 22, exposed data on some 50 public figures including former FBI director Robert Mueller, former Central Intelligence Agency Director John Brennan, and celebrities Ashton Kutcher, Beyonce, and Tom Cruise. Their personal information was uploaded to exposed.su triggering a MediaOutrageStormTM. KrebsonSecurity reported at the time that the hackers were obtaining cheap credit reports using information provided by the sssndob.ru service. Swatting is the practice of calling police to report bogus threats at a victim's location, an action that often results in the appearance of heavily armed SWAT officers. Islam pleaded guilty on 6 July last year to three charges including one count of conspiracy to commit a range of federal offenses, including identity theft; access device fraud; social security number misuse; computer fraud; wire fraud; assaulting federal officials; and interstate transmission of threats.

The other charges included one count of threatening and conveying false information concerning the use of explosives and one count of cyber-stalking. “The crimes committed by this defendant violated the privacy of dozens of people, fostered identity theft, and endangered the safety of many others,” US Attorney Channey Phillips says. “Mir Islam put people at risk on the internet and in their own homes, placed responding police officers at risk, created a dangerous situation on a college campus, caused substantial emotional distress to numerous victims, and diverted law enforcement from work they could be doing to protect the public. "Today’s sentence reflects the seriousness of his crimes and hopefully will deter others from similar actions.” KrebsonSecurity reports Islam's defence argued he suffered from multiple psychological disorders and that the crimes were perpetrated from a sense of “anarchic libertarianism” intended to expose government overreach on consumer privacy and use of force. Islam was previously arrested with 24 others under the FBIs Carder Profit sting, but was sentenced to a mere day in jail. The hacker admits to running Exposed.su while cooperating with police during the time of the Carder Profit arrests, Krebs on Security reports. Islam was re-arrested in September 2013 for violating the terms of his parole, and for the swatting and doxing attacks to which he pled guilty. ® Sponsored: 2016 Cyberthreat defense report

How LexisNexis and others may have unwittingly aided identity thieves

ID thieves hack data brokers, then steal and sell millions of SSNs and birthdates.