Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Saturday July 23 2016, @08:20PM   Printer-friendly
from the because-information-wants-to-be-freed dept.

DNC [Democratic National Committee] top dogs can't seem to wrap their brains around GPG encryption, and so now we have the chance to peruse their emails. Which is nice, but still sort of shocking that the people who want to run the country can't secure their communications. It will probably take a while before anything of great interest is found in the archive because it was just released , but if you want to help in the search, have fun.

Here is one amusing excerpt:

NOTICE: This communication may contain privileged or other confidential information. If you have received it in error, please advise the sender by reply email and immediately delete the message and any attachments without copying or disclosing the contents. Thank you.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Informative) by butthurt on Sunday July 24 2016, @02:40AM

    by butthurt (6141) on Sunday July 24 2016, @02:40AM (#379269) Journal

    [...] my name and full credit card info [...]

    There may be more to it [hackread.com]

    [...] such as first and last names, full address, zip codes, phone number, email address, occupation, employer, credit card data and donated amount. That’s not all, the plain-text data also includes passport numbers, IP addresses and system details of the client such as operating system and browser info.

    The Verge says [theverge.com] there are Social Security numbers too.

    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by butthurt on Monday July 25 2016, @01:28AM

    by butthurt (6141) on Monday July 25 2016, @01:28AM (#379614) Journal

    I searched for "visa" and looked at 3 of the 183 results. The mails I looked at had each donor's name, address, occupation, employer, employer's address, phone number, user-agent, IP address, amount of contribution, card type, and last four digits from the credit card. They don't have the full credit card information, hence they can't directly be used for fraudulent credit/debit transactions. For what it's worth, they may be PCI-compliant. In the few e-mails I looked at, there was no mention of passport or Social Security numbers.

    When people donate to American political parties, the information sometimes becomes a public record. I'm uncertain what exceptions there are. I imagine that the information that must be disclosed is more limited than what's contained in these messages.

    While I didn't see an assertion that all the e-mail messages had been exfiltrated from the server, nor did I see an assertion that all the messages that were exfiltrated have been released through Wikileaks. Hence it would be hasty to extrapolate from the 183 matches for "visa" and conclude that probably fewer than a thousand donors have been victimised in this attack.