Leak Clearinghouse, Cryptome, Hacked and Vandalized

As Slashdot tells it, I suspect the email and web hosting providers of just not being secure enough. Network Solutions, in particular, has been plagued with any number of security problems recently. So much so I am surprised to read the attacker took over the site operator’s email to gain access. Thankfully, the folks at Cryptome have a good back up plan and were able to undo the damage.

Wired has some more details in particular from a person who contacted them, claiming responsibility. The alleged cracker offered screen shots of the email inbox of John Young, the founder of Cryptome, and of the file directories on the site’s server. This matches details reported elsewhere but Kim Zetter also got in touch with Young who disputes some of the claims, in particular that any files were destroyed or the volume of snagged info was as large as the supposed attacker claims.

Zetter further explains a connection to WikiLeaks the site’s attacker claims is apparent in the stolen files and emails. Rumors have been circulating recently about discontent withing WikiLeaks, some published, unconfirmed, through Cryptome. The Cryptome intruder claims Young’s email reveals the identities of many of these WikiLeaks insiders. What is more concerning than the eye roll inducing drama is that if the attacker’s claims are creditable, many more sources besides the onces at WikiLeaks may have been exposed.

The Register has a further announcement from John Young, saying he will pursue the vandals who broke into his email and the site. I may be naive, but I read the promise as consistent with trying to protect sources that now may be exposed rather than a knee jerk vendetta.

Cryptome Hacked; All Files Deleted, Slashdot

PayPal Apologizes to Cryptome

The Register explains that the payment service finally responded to co-founder and site operator, John Young. They claim the seizure of his account balance was a mistake but he is far from mollified.

From an email thread posted on the site:

Your apology is inadequate for the harm caused by PayPal’s actions to me, my website Cryptome.org and its donors.

PayPal has never provided a complete and credible explanation for its limitation of my account and confiscation of $5,300.

Young goes on to take issue with allegations made to The Register by staff at PayPal. Regardless of the particulars, the general outline of his complaint matches their handing of the repeated shutdown of Wikileaks’ account as well. None of the incidences has provided any adequate explanation or accountable actions to prevent such mistakes from being made again.