Bush family email hacked: Here's a security refresher

A hacker named Guccifer broke into several of the Bush family email accounts and spilled their contents online

Thanks to an anonymous hacker self-identified as Guccifer, we now know that former President George W. Bush likes to paint self-portraits in the bath. That's one of the tidbits revealed when at least six email accounts belonging to Bush family members were hacked and their contents shared online. The high-profile hack underscores, once again, the importance of a strong password when it comes to your email account - whether you are the former President of the United States or an average Jane or Joe Gmail user.

The email messages from the family of George H.W. Bush and close friends span 2009 to 2012, and include private family discussions along with family photos, according to The Smoking Gun.

Other than the shower paintings, the photos posted online are pretty generic. One shows former presidents George H.W. Bush and Bill Clinton posing with a younger member of the Bush clan, possibly Pierce Bush (no stranger to online overexposure himself). Others include photos of Jeb Bush, George W. Bush, and Laura and Barbara Bush.

The Bush family intrusion is the focus of a criminal investigation, a Bush family spokesperson told The Houston Chronicle. Hacking public figures has become a routine occurrence in recent years, with email, personal photos, cell phones, and social networking accounts all under fire. The Bush family joins a roster of hacked politicians that includes former Alaska governor and vice presidential candidate Sarah Palin and Sen. Chuck Grassley. Beyond politicians, the volume of celebrity hacks inspires countless online slideshows, including leaked photos of Miley Cyrus, Olivia Munn, and Scarlett Johansson.

But not only public officials and celebrities get hacked. Sometimes people become a target just because of their Twitter handle, political activities, or for no apparent reason at all. Over the last few days, for example, I've been seeing a warning at the top of my Gmail window to let me know state-sponsored attackers might be trying to compromise my account.

So what can you do to prevent attackers from breaking in and flooding the Internet with your personal snapshots, documents, and email? Here's a refresher on security practices.


Try to choose a password that is lengthy (a minimum of ten characters should do the trick) and includes numbers, letters, and special symbols (if allowed). Many password managers such as 1Password, KeePass, and LastPass can generate and remember passwords for you. This makes it much easier to manage multiple online accounts, each with unique and hard-to-remember passwords. For more about passwords, check out these PCWorld tips.

You should never use the same password across multiple accounts, and that piece of advice goes double for sensitive accounts. That would cover anything that involves your money or your online identity, including banks or PayPal; sites that save your credit card information, such as Amazon; e-mail accounts; Facebook and Twitter; or any other social networks where you use your real name.

Two-factor authentication

If you have any online accounts that can be secured with two-factor authentication, use it. This adds an extra layer of protection, making it harder for hackers to break in. The basic premise of two-factor authentication is that accessing a protected account requires two things: Something you know (your password) and something you have (an authentication token).

Many authentication tokens can be generated by smartphone applications, such as Google Authenticator. These apps provide time-sensitive codes that you have to enter after you enter your password. Examples of services that support two-factor authentication include Battle.net, Dropbox, Google, and LastPass.

Account recovery

One popular point of attack is to use a Webmail service's account recovery option. Hackers try to break into a primary email account by taking over a secondary account. If you were using myemail@gmail.com, for example, hackers might click the "forgot password" link and figure out that your back-up address is myemail@hotmail.com. Many people forget to keep their recovery account up to date, allowing hackers to restart a forgotten email address, and have an account recovery email sent to it. Then, before you know it, you're locked out of your Gmail account. Google and other Webmail providers periodically show you reminders to make sure your account recovery options are up to date--don't ignore these warnings.

Don't daisy chain

When it comes to sensitive accounts, ones that manage your money or your online identity, don't use the same recovery email account for all of them. If your single recovery email address falls, that can snowball into a hack that reaches across your entire online life. For more information on how this can quickly turn into a nightmare see Honan, Mat.
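The recovery-address problem described in the two sections above can be checked for your own accounts. This added example (not from the original article) takes an inventory of accounts and the recovery address each one uses, then reports how many other accounts fall if a given address is taken over; the account names and addresses are constructed for illustration.

```python
from collections import defaultdict

# Constructed inventory: account -> the address its password-reset mail goes to.
# All names here are illustrative assumptions, not a real person's accounts.
RECOVERY = {
    "myemail@gmail.com": "myemail@hotmail.com",
    "bank": "myemail@gmail.com",
    "paypal": "myemail@gmail.com",
    "amazon": "myemail@gmail.com",
    "twitter": "other@example.org",
    "myemail@hotmail.com": None,  # no recovery address set
    "other@example.org": None,
}


def blast_radius(recovery):
    """Map each account to the set of accounts that fall if it is taken over."""
    dependents = defaultdict(set)
    for account, addr in recovery.items():
        if addr is not None:
            dependents[addr].add(account)
    result = {}
    for start in recovery:
        seen, stack = set(), [start]
        while stack:  # follow the chain: a reset of one account resets the next
            for dep in dependents[stack.pop()]:
                if dep not in seen and dep != start:
                    seen.add(dep)
                    stack.append(dep)
        result[start] = seen
    return result


def single_points_of_failure(recovery, threshold=2):
    """Accounts whose takeover exposes at least `threshold` others, worst first."""
    radius = blast_radius(recovery)
    hits = [(acct, sorted(r)) for acct, r in radius.items() if len(r) >= threshold]
    return sorted(hits, key=lambda item: -len(item[1]))


if __name__ == "__main__":
    for account, exposed in single_points_of_failure(RECOVERY):
        print(f"{account}: exposes {len(exposed)} accounts -> {', '.join(exposed)}")
```

In this inventory the neglected Hotmail address is the weakest point: it exposes the Gmail account and, through it, every account that recovers to Gmail.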

Now for the bad news

Those are some of the best practices you can follow to make sure your data stays safe. But some weaknesses are beyond your control. For example, the bad guys could trick customer tech support into resetting your passwords, or use some other social engineering hacks involving third parties.

Ultimately, there's only so much you can do to deter hackers. But the harder you make it to hack your online life through proper password management, two-factor authentication, and account recovery practices, the less likely you are to become a victim of malicious actors online.
