Jack Recider

James Clapper was actually not the first person from the intelligence community that CWA hacked into. Their first was Homeland Security Secretary Jay Johnson. Krakow got into his Comcast account somehow. And Default was seeing all this and chatting more with Krakow.

Together, they teamed up. And, well, you know what? I'll just let Lester Holt from CBS News take it from here.

Together, they teamed up. And, well, you know what? I'll just let Lester Holt from CBS News take it from here.

I'll help you out. I mean, the year was 2015. Who remembers little details like this from eight years ago? My research shows that they first found John Brennan's mobile phone number. And they did a mobile number lookup and discovered he was a Verizon user. So time to put on the ruse.

I'll help you out. I mean, the year was 2015. Who remembers little details like this from eight years ago? My research shows that they first found John Brennan's mobile phone number. And they did a mobile number lookup and discovered he was a Verizon user. So time to put on the ruse.

They were going to call up Verizon, pose as a technician on site trying to help out a customer, John Brennan, but for some reason were having trouble. So they called Verizon asking for help on his account. Verizon is like, what's your employee code? They made one up and it worked. The support technician at Verizon asked, well, why can't you just get into the account yourself?

They were going to call up Verizon, pose as a technician on site trying to help out a customer, John Brennan, but for some reason were having trouble. So they called Verizon asking for help on his account. Verizon is like, what's your employee code? They made one up and it worked. The support technician at Verizon asked, well, why can't you just get into the account yourself?

And they said, the tools are down and we need to get this going quick because the customer is waiting. So the support technician was like, okay, sure, I'll help. What do you need to know?

And they said, the tools are down and we need to get this going quick because the customer is waiting. So the support technician was like, okay, sure, I'll help. What do you need to know?

And this is how they got John Brennan's Verizon account number, his four-digit PIN, a backup mobile number to his account, the email associated to his account, which was an AOL email, and the last four digits of his bank card. Now that they had this extra information on him, How can they leverage that to take this a step further?

And this is how they got John Brennan's Verizon account number, his four-digit PIN, a backup mobile number to his account, the email associated to his account, which was an AOL email, and the last four digits of his bank card. Now that they had this extra information on him, How can they leverage that to take this a step further?

Well, they know his AOL email address, which when you log into AOL, the username is the email. So they had John Brennan's email username, but not the password. Hmm. Well, time to call AOL. So they called AOL, this time acting like John Brennan. Hi, I've been locked out of my email account. Can you help me get back in? Sure, Mr. Brennan, but I'll need to verify it's you. Okay.

Well, they know his AOL email address, which when you log into AOL, the username is the email. So they had John Brennan's email username, but not the password. Hmm. Well, time to call AOL. So they called AOL, this time acting like John Brennan. Hi, I've been locked out of my email account. Can you help me get back in? Sure, Mr. Brennan, but I'll need to verify it's you. Okay.

Can you tell me the last four digits of your credit card number? Why, yes. Yes, I can. Because they had this information from the data they got from Verizon. Clever, clever. And so when they gave this information to AOL, this let them reset his password and get into John Brennan's AOL email. On October 12, 2015, they gained access to the inbox of the director of the CIA.

Can you tell me the last four digits of your credit card number? Why, yes. Yes, I can. Because they had this information from the data they got from Verizon. Clever, clever. And so when they gave this information to AOL, this let them reset his password and get into John Brennan's AOL email. On October 12, 2015, they gained access to the inbox of the director of the CIA.

They started looking through his emails, reading one after another, looking at attachments sent. One attachment had a list of U.S. intelligence officials, which included their social security numbers. Why in the world was John Brennan using his AOL account to send emails that included social security numbers of U.S. intelligence officials? This is such bad OPSEC. Why, director of the CIA? Why?

They started looking through his emails, reading one after another, looking at attachments sent. One attachment had a list of U.S. intelligence officials, which included their social security numbers. Why in the world was John Brennan using his AOL account to send emails that included social security numbers of U.S. intelligence officials? This is such bad OPSEC. Why, director of the CIA? Why?

You know better. I think it just goes to show that no matter how much you know about privacy and security, we're still human and screw up this whole security thing.

You know better. I think it just goes to show that no matter how much you know about privacy and security, we're still human and screw up this whole security thing.

Ooh, this is no good. The SF-86 form is the form that you fill out to apply for secret clearance, which means it has your entire background listed clearly in the form. Social security number, email address, telephone number, place of birth, aliases, passports use, prior addresses, names of your neighbors, what school you went to, your military history, past employers. It's everything on a person.