The news is full of stories about email hacking. It started during the Presidential campaign, and is continuing, with almost daily revelations about politicos being hacked, like Vice President Mike Pence.
You might think the Russians are to blame for all of it. But the problem goes deeper than that. “From a security standpoint, email is fundamentally broken,” Brian Barrett writes in Wired. “Until that changes, expect email hacks and scandals aplenty.”
Wait, Brian. Don’t our IT guys have this under control? Ho ho. “For a dedicated hacker or social engineer, a user name and password presents only the slightest hassle,” Barrett writes. “And they have no trouble finding plenty of password fodder for public figures — names of family members, favorite sports team, birthdays, and so on.”
Okay. But don’t services like Gmail protect the user? Again, Barrett answers in the negative. “However secure a platform like Gmail is on the back end, its ready accessibility from any web browser means anyone can take a crack at invading anyone else’s account,” he adds.
Marketers may think they are immune from hacking or data theft. But they’re not, as proven by two recent incidents, of which neither is highly technological. The first is the leaking of 1.4 billion names by an alleged spammer: River City Media.
“The data was left completely exposed to anyone who happened to be poking around,” writes Lee Mathews in Forbes. “It wasn't even secured by a user name or password.”
Worse yet, “in addition to spilling over a billion email addresses (and, in some cases, physical addresses), the leak exposed numerous documents that revealed the inner workings of RCM's spam operation,” Barrett continues.
We tend to think of a hacker as an obese guy sitting on a bed in New Jersey (as President Donald Trump reportedly has described one). But that wasn’t so in the case of River City Media, or in an episode involving ecommerce companies in Australia.
In that one, the online fashion house Showpo has sued a former employee, Melissa Aroutunian, charging that she handed its 306,000-name customer database to her new employer: an online retailer called Black Swallow, The Sydney Morning Heraldreports. Black Swallow used the list to “market itself as an affiliate of Showpo, using similar branding,” Showpo alleged, according to the Morning Herald.
Perhaps that allegation isn’t true. But if it is, how did Arountunian get her hands on the database? Isn't Showpo to blame for its own dilemma? And while we’re on the subject, ask yourself: How well are you protecting your customers’ email addresses and personal information?
All that said, there’s still one thing I don’t understand about political hacking: Why do politicians and even CEOs put sensitive, sometimes incriminating statements into emails?
When I worked for a large company, I studiously avoided putting profanity or negative comments about my boss into emails. I knew full well that someone might read it in addition to the intended recipient.
Did this impair my ability to communicate? Hardly. I found that if I wanted to get a point across, it was better to do it in person, or to use that instrument we sometimes forget in our haste: the telephone.
Why do politicians and their sidekicks persist in letting it all hang out? Call it the Nixon complex. Richard Nixon surely never expected to have his tape recordings exposed — he probably forgot the machine was turned on at times. But they did come out, and they did him in when one tape showed him obstructing justice. They also revealed him to be a foul-mouthed bigot.
Even now, new Nixon tapes are released every few years, and they’re always fun to read. I call it the gift that never stops giving.
In the end, though, email is different — everyone knows emails can be captured by outsiders and shared with the world. Thus, it should be used with discretion and protected. Barrett sums it up: “Public figures will always use email. And email will always be a rich target,” he writes. “So yes, call Pence out for his hypocrisy. Giggle at his using an email provider best remembered for its CD-ROMs. But remember that the age of the email hack is only getting started, and won’t end until we fix email. Or fix ourselves.”