The Washington Post
The Secret Service is investigating a hacker’s apparent theft of a trove of personal emails and photos belonging to the Bush family after they were posted late Thursday by the Smoking Gun Web site.
A report by the Smoking Gun said the emails covered the period from 2009 to 2012, and that a total of six accounts appeared to have been compromised. Among those hacked were Dorothy Bush Koch, daughter of President George H.W. Bush and sister of President George W. Bush; as well as sportscaster Jim Nantz, a Bush family friend.
The emails were obtained by a hacker called “Guccifer” and posted in an account “that appears to have been hacked for the purpose of hosting the material,” the Smoking Gun said.
On Friday, a Bush family spokesperson confirmed the hack, and Secret Service spokesman Ed Donovan confirmed Friday that the Secret Service is leading an investigation.
The Smoking Gun did not release the full cache of hacked emails, or provide information about how it learned about them.
“I don’t really want to go into any further details,” Bill Bastone, the site’s editor, said Friday. He also declined to say how many total emails the site had reviewed. “They were posted in an online account, which is where we found them.”
Bastone said he did not anticipate that the site would release more of the emails or photos. The site’s next story, he said, might not come until the hacker is caught.
The Smoking Gun report included several quotes from the stolen emails, which showed intimate moments from the lives of two ex-presidents who have guarded their privacy in retirement.
Some of those moments were grim. Last year, while George H.W. Bush was in very poor health, the emails showed relatives planning for his funeral.
According to Smoking Gun’s report: “The former president’s chief of staff wrote his children to inform them that ‘your dad’s funeral team is having an emergency meeting at 10 a.m. just to go through all the details.’ The Bush aide, Jean Becker, noted that this information ‘fell under the broadening category of things NOT TO TELL YOUR MOTHER.’”
But there were also lighthearted scenes from the life of President George W. Bush, who has kept an unusually low profile since leaving office in 2009. Apparently, he has been painting.
Two months ago, the Smoking Gun said, the 43rd president sent his sister photos of two paintings he was working on. One showed Bush himself in the shower, viewed from the back and from the waist up. Another showed Bush in the bath, gazing out at his legs and toes.
But the former president does not only paint self-portraits. Another photo showed him at work painting St. Ann’s Episcopal Church in Kennebunkport, Maine, near the family compound.
In its story, the Smoking Gun said it had corresponded with the hacker, who told the site that “the feds” had been investigating him for a long time.
The Smoking Gun reported: “Asked if he was concerned about the FBI/Secret Service investigation that will no doubt follow shortly, he replied cryptically, ‘I have an old game with the ⅛expletive€ bastards inside, this is just another chapter in the game.’ “
On Friday, security experts said that hacking email accounts is not difficult to do, and often does not even involve use of malware. Often attackers determine the target’s user name and password using publicly available information.
Last December, a Florida man was convicted after he hacked the email accounts of some stars, including Scarlett Johansson and Christina Aguilera, by correctly guessing the answers to their “Forgot your Password?” security questions.
Another common technique is sending an email to a target with an attachment or link that looks authentic. This lures the target to click on or download the file – opening software that enables the attacker to steal log-in and password data.
That way, the attacker can log in as the victim and gain access to his or her email.
In that second scenario, the difficult part is getting the victim to fall for the malicious email – what is called “social engineering” – and applying the right “exploit” or attack tool against the targeted computer. “The victim needs to be running software for which the intruder has a reliable exploit” that can get the credentials, said Richard Bejtlich, chief security officer for Mandiant, a security firm.
Washington Post reporter Ellen Nakashima contributed to this report.