Security expert breaks into TV star's Facebook account
By Stuart Turton
Posted on 19 Mar 2010 at 15:37
A security expert has highlighted the dangers of Facebook by hacking a television presenter's account and projecting his personal pictures onto an advertising billboard.
Graham Cluley is Sophos's senior technology consultant and was invited by the ITV Tonight programme to see what it could uncover about presenter Jonathan Maitland.
Cluley began by trying to befriend Maitland on Facebook using his own name, but when he was ignored he turned to LinkedIn to see what other valuable information he could glean about the presenter.
Maitland left with a dossier full of print outs of his private emails, and a strong reminder to change all of his online passwords
"I discovered a company that Maitland was involved with, and a list of some of his fellow workers," wrote Cluley on his blog.
"I noticed that at least one of them (who had been recently promoted, so presumably was well-regarded) wasn't currently friends with Maitland on Facebook. So, I created a fake Facebook account using that individual's name and using a picture I found on the net," he concluded.
Cluley promptly fired off a friend request to Maitland and was accepted. "For many identity thieves this would have been enough. It would have been possible to send a malicious link to my intended victim, contact his friends or scoop up personal information from my prey's profile," he wrote.
However, the security researcher had also discovered from online biographies that Maitland was a fan of Charlton Athletic football club.
Using this information, he correctly guessed Maitland's Facebook password, giving him unrestricted access to the account.
When the cameras rolled the production team borrowed a digital advertising board at Liverpool Street Station and projected images of Maitland, his pet dog and his band to bemused commuters.
"Maitland left with a dossier full of print outs of his private emails, and a strong reminder to change all of his online passwords," said Cluley.
From around the web
Security expert....er....my backside he is and as for breaking, what exactly did he break? He made a fake account and guessed a password. This is something a five year old could do. Yes Jonathan Maitland is daft to have such a weak password and double daft to accept a friend without first looking closely at that persons profile. Then again no one would be daft enough to put sensitive information on the internet/facebook (hmmmm....) Oh a few photos are stolen...so what he's on TV as such he gets photographed all the time. JEEZ!!!!!
Stolen emails.... I'm presuming he used the same password for his email account? or are you talking about his facebook email account? Not that it matters much.
This story isn't about a security breach, its about some muppet who probably has '1234' as his house alarm code.
Mind you whose to say he didn't change his password to make it easy on the so called Security expert at Sophos, after all it wouldn't be much of story if it said "Security Expert fails" haha!
If this story was about some hacker using scripting for example to bypass security completly then yes I would agree it was breached, but to actually login to an account does not come close to breaking it!!!!
By anthonysjones on 20 Mar 2010 
Hum; He has been an expert in that field for quite a long time, and one of the important attributes of expertise is to know when to use the tools, and when they're not needed.
What has your backside got to do with it?
By Steve_Cassidy on 21 Mar 2010
Okay I'll concede that point but still he broke sack and all.
By anthonysjones on 22 Mar 2010
That's rather the point isn't it? This isn't some dweeb bragging about his l33t hacker skills, this is Sophos and the Tonight program telling people how easily your private data can be stolen if you're flippant about security.
By nelviticus on 22 Mar 2010
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Publishing your email address isn't a security disaster
- Why antivirus is fighting a losing battle in your office
- Four year olds used to steal their parents' data
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
advertisement
