Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Why is the exposing of a government employee's email address a security risk to you?

Edit, because downvotes: government email addresses can be retrieved easily through public records laws, and is done routinely, and can easily be scraped or inferred. I've done both many, many times, and it's trivial.



Well at the very least it presents a soft target for hacking into his personal email adddress (it's gmail not govenrment) and secondly, compromising it literally gives you access to dial into cabinet meetings.


Michael Gove has an illustrious history with his private emails as well: https://www.bbc.co.uk/news/uk-politics-17235168


Read my edit. Email addresses can be received through public records requests routinely. It's a public record!


This email address could be at any provider - perhaps it's his personal gmail address, for example.


And like one of the other comments in this chain points out - his personal email address was being used for government affairs, and that made it open to public records law suits. The public already has access to it.


Posting something like that on Twitter is like a dare.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: