US man indicted for hacking Palin's e-mail account

David C. Kernell was indicted on a single charge of accessing a protected computer.

A 20-year-old Tennessee man has been indicted for hacking into an e-mail account of U.S. vice presidential candidate Sarah Palin, according to court records.

David C. Kernell was indicted Tuesday on a single charge of accessing a protected computer by a grand jury in U.S. District Court for the Eastern District of Tennessee in Knoxville. The indictment, which carries a maximum sentence of five years in prison and a US$250,000 fine, was unsealed Wednesday, the U.S. Department of Justice said.

Kernell, from Knoxville, turned himself into law enforcement authorities on Wednesday and was released the same day after pleading not guilty at his arraignment. His trial is set for Dec. 16, according to a statement from his attorney, Wade Davies.

David Kernell is the son of Mike Kernell, a Democratic state representative from Memphis.

The three-page indictment alleges that Kernell gained access to a Yahoo e-mail account used by Palin, the Republican governor of Alaska, on about Sept. 16. Palin was named Senator John McCain's vice-presidential running mate in August.

The next day, Wikileaks.org published several screen shots of Yahoo e-mail messages, e-mail addresses of Palin family members and associates, and other data that hackers claimed to have obtained from Palin's private account.

A hacking group known as Anonymous claimed to have gained access to Palin's gov.palin@yahoo.com account and sent the information to Wikileaks, which acts as an anonymous clearinghouse for leaked documents.

"Governor Palin has come under criticism for using private email accounts to conduct government business and in the process avoid transparency laws," Wikileaks wrote in a note accompanying the material. "The list of correspondence, together with the account name, appears to re-enforce the criticism."

Bloggers had fingered Kernell as a suspect after linking him to the online name "rubico," used by the hacker who claimed to have accessed Palin's Yahoo account. Rubico claimed to have accessed the account by using Yahoo's password reset feature and answering security questions with publicly available information, and the indictment supports that claim. He guessed correctly that Palin had met her husband at Wasilla High.

The indictment alleges that Kernell posted screenshots of Palin's e-mail messages, e-mail addresses of her family members, pictures of her family and at least one mobile phone number to the 4chan.org Web site. It's unclear in the indictment how the information came to Wikileaks from 4chan.org, an image-based bulletin board.

Another person also reset the account's password and was able to access Palin's e-mail account, the indictment said.

According to a report in the Knoxville News Sentinel, Kernell was released on the condition that he stay away from computers. He is also barred from leaving east Tennessee without the permission of his parole officer.

When U.S. Magistrate Judge C. Clifford Shirley told him not to discuss the case with any potential witnesses, Kernell asked if that included his girlfriend too.

Tags sarah palin

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Audit Management Solutions

Manage the complete audit lifecycle from audit universe identification and risk assessment to management/board reporting and quality assurance.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.