from the sold-out-by-autocomplete? dept
Careless handling of sensitive emails isn’t just a problem for Trump’s top advisor, Jared Kushner. Having rolled into office on the echoing cries of “Lock her up!” Trump’s team nonetheless continued to use private email accounts for official correspondence. Kusher did this twice: using both a Republican National Committee account as well as another personal email address.
It’s a security issue as well as a transparency issue. Personal email accounts — while convenient (and conveniently opaque) — are little more than attack vectors for cybercriminals and state-sponsored hacking. Making this security problem worse are Trump team legal reps, who can’t seem to stop communicating with staffer-spoofing accounts.
A prankster known only by his Twitter handle (SINON_REBORN) has a few admin team trophies on his wall already. The prankster has already duped White House Special Counsel Ty Cobb with an impersonation of White House Media Director Dan Scavino. That followed successful pranking of Breitbart editors and White House Homeland Security Advisor Tom Bossett.
The latest victim is Jared Kushner’s lawyer, Abbe Lowell. He’s been stung twice, as the Verge’s Sarah Jeong reports.
This is the second time that Abbe Lowell, a partner at Norton Rose Fulbright LLP, who began representing Kushner in June, has fallen for a prankster who calls himself SINON_REBORN (a reference to the original legend of the Trojan Horse). Two days ago he corresponded with firstname.lastname@example.org, as the fake Jared Kushner asked for legal advice on whether to remove correspondence on his private email account that featured “adult content.” Fortunately for Lowell, the conversation didn’t go far, ending with, “Don’t delete. Don’t send to anyone. Let’s chat in a bit.”
This email exchange likely gave Kushner’s lawyer a few mental images he wished he’d never had. A more descriptive recounting of the email exchange at Business Insider shows Abbe Lowell tangling with possibly unfamiliar fetishes.
“I need to see I think all emails between you and WH (just for me and us),” Lowell wrote. “We need to send any officials emails to your WH account. Not stuff like you asked about. None of those are going anywhere.”
“But we can bury it?” the prankster responded. “I’m so embarrassed. It’s fairly specialist stuff, half naked women on a trampoline, standing on legoscenes, the tag for the movie was #standingOnTheLittlePeople :(“
That Lowell believed this was from his client raises questions about the frequency of emojis in Kushner’s communications. But this exchange wasn’t the end of it. The next email the prankster received from Kushner’s lawyer was unsolicited, but it contained a sensitive document.
We don’t know exactly what happened, but the most likely scenario is that Lowell’s mail client autocompleted to the fake Kushner email address, landing a sensitive letter right in the prankster’s inbox. SINON_REBORN then reposted the letter on Twitter.
The document is a committee-eyes-only letter from the Senate Intelligence Committee, ordering him to preserve emails from his personal account possibly related to the ongoing Russian election interference investigation. Presumably these emails wouldn’t include half-naked trampoline Lego porn, but Lowell’s response to take the discussion offline suggests there are still several ongoing discussions the Intelligence Committee won’t be able to access.
Is this administration’s operational security worse than the last one’s? There’s not enough data available to tell. But SINON-REBORN’s pranks were already well-known before this latest administration gaffe, suggesting a lack of detail orientation by admin members and their legal representation.