Last year on October 12, Director of Central Intelligence of America (CIA) John Brennan’s American On-Line (AOL) e-mail account was hacked by a probable high school student. News of the incident was first reported by the New York Post after the teenager established communication with the newspaper the week before. Data breach activity took place against Brennan by the teenager who was social engineering to take control of Brennan’s AOL e-mail account. The hacker wasn’t working alone there were two other people helped him on the breach. Pretending to be a Verizon (A GSM operator company in the US) technical worker, they tricked another Verizon worker in order to get Brennan’s some personal data such as last four digits of the bank card number. With the information they obtained from Verizon, they did not have any difficulties resetting the AOL e-mail account password. It was a shocking, disturbing and annoying event experienced …show more content…
After they found out that he was using Verizon, they advanced the second phase: Social Engineering. One of them posed as a Verizon technician and called Verizon company to reach more detailed information about Brennan’s account. He told them he works for Verizon and he has a customer on scheduled callback. Adding that he was unable to access Verizon’s customer database on his own because “ tools were down.”After that, Verizon company representative asked for vCode(a code which is assigned each of employees of Verizon), and the hacker gave them a made up code. Then, Verizon provided the data easily as they were seeking for: “four digits PIN, AOL e-mail address,the backup mobile number on the account and the last four digits of bank card.” That was the greatest vulnerability which hackers exploited on that occasion. It was done just for a vCode. Verizon should have authenticated the caller to give personal