Posted by m-hodges 17 hours ago

Iran-linked hackers breach FBI director's personal email (www.reuters.com)
https://ddosecrets.org/article/kash-patel-emails

https://arstechnica.com/tech-policy/2026/03/doj-confirms-fbi...

231 points | 336 comments
fmajid 13 hours ago||
GMail, like Apple, has specific enhanced security programs available for Politically Exposed Persons:

https://landing.google.com/intl/en_in/advancedprotection/

The fact the Director of the FBI did not avail himself of this just reiterates how incompetent he is, in addition to being corrupt as heck.

billfor 12 hours ago||
Read the article; he wasn't the director of the FBI: "The stolen emails appear to date from around 2011 to 2022"
hughw 12 hours ago||
He's had over a year to enable it.
kevin_thibedeau 13 hours ago|||
It's possible it was breached in 2022 and they've held on to it until now.
ab_testing 12 hours ago|||
Was that landing page written by Google India team !
connorgurney 12 hours ago|||
Not sure what difference the nationality of the copywriters makes…
bedatadriven 12 hours ago||||
Uh yeah, the locale in the link is specifically an Indian locale. If you find it disorienting you can change en_in to en_us:

https://landing.google.com/intl/en_us/advancedprotection/

thaumasiotes 12 hours ago|||
Well, it was written to target Indian English. You can find the American version of the page at https://landing.google.com/intl/en_us/advancedprotection/ .
Betelbuddy 13 hours ago||
It would be poetic justice to get the unredacted Epstein files via Iran...
everdrive 17 hours ago||
Interesting, and not all that implausible. The real test: his personal email should be pretty uninteresting except for stuff like HIPAA, amazon purchases, communications with friends / family. (good for HUMINT) But other than that, there shouldn't be anything in there which should make the news. It'll be interesting to see whether or not that bears out.

If they wanted to maintain access, they certainly wouldn't celebrate it publicly, which is why I assume they want to release information. But, there shouldn't be anything damning to release. ie, there ought not to be if the director is acting professionally. We'll see how the facts bear out. I also suppose it's possible they're just going for any win they can and there's nothing interesting here whatsoever, or it's a really boring secondary address or something.

throwaway27448 16 hours ago||
I think this is actually the opposite of the correct conclusion—just look how influential Petraeus cheating on his wife was (https://en.wikipedia.org/wiki/Petraeus_scandal). I seriously doubt that Kash Patel doesn't have a bunch of skeletons to dust off and show the world; the man is a weirdo (much like the rest of the administration).

EDIT: I actually misread the comment; I think we're likely in agreement. My bad.

Jare 16 hours ago|||
I don't know, these days skeletons seem to be treated as funny decoration and we're in a permanent state of Halloween.
redanddead 15 hours ago||
Sullying Halloween's good name
nixon_why69 16 hours ago||||
I'd like to chime in and say that Kash Patel, while completely unprofessional and incompetent, is way less of a weirdo than the rest of the administration.

His scandals are all about shirking job responsibilities to party and sightsee. That's not great from the FBI director but it's way more normal than the rest of them.

Hikikomori 49 minutes ago|||
How can you say that with a straight face when this book exists?

https://www.amazon.com/Plot-Against-King-Kash-Patel/dp/19555...

mikeyouse 16 hours ago||||
That's not remotely true of his history.. he's a full on Jan-6er, deep into Q-Anon, he was involved in numerous serious scandals during the first Trump admin (Nunes Memo / Russiagate 'parallel' investigation: https://www.theatlantic.com/politics/archive/2018/01/the-men...), he has a number of sketchy moneymaking side-businesses, he was formerly living with a GOP megadonor 'Timeshare Tycoon' as roommates in Vegas (https://thenevadaindependent.com/article/trump-fbi-pick-kash...), he collected enemies' lists for Trump which resulted in firing of most of the Iran counterintel team right before we started launching attacks because they had the temerity to investigate why Trump was showing donors top-secret maps of Iran after he left office..
quantified 14 hours ago|||
In the current environment, those are more expecteds than scandalous. Insider trades around government activities, same-sex behavior, overt racism for example might nudge the needle.
nixon_why69 15 hours ago|||
I'm not defending or advocating for the guy, just saying, if you're gonna be a piece of shit, he seems more relatable than the rest of them.
embedding-shape 16 hours ago||||
I dunno, a sitting FBI director testifying under oath about details that are clearly false, goes above and way beyond "to party and sightsee". At least in my world it puts him up there together with the rest of the weirdos.
nickburns 16 hours ago|||
So you mean to point out that the sitting FBI director is a bro's bro.
_fat_santa 16 hours ago||||
I was just reading an X thread that published some of the more notable things and overall it's pretty innocuous. The most "controversial" thing thus far is he took a trip to Cuba
treebeard901 16 hours ago||||
Maybe the hackers will release information connecting Patel to the Noem and Lewandowski grift operations with govt contracts. Out of the four companies allowed to bid for the $220 million advertising contract, 3 were linked to Noem and Lewandowski and one to Patel.

I'm sure they are all doing it...

MyHonestOpinon 16 hours ago||
Well, if the president sets the example. What can you expect from the rest ?
close04 16 hours ago||||
> look how influential Petraeus cheating on his wife was

Those times have passed. I'll restate what I said in a comment some days ago:

>> 50 years ago the press was "impeaching" presidents. Today presidents are "impeaching" the press

The current strategy is "keep the outrage hose on full blast and eventually people get desensitized". It works.

mc32 15 hours ago||
The press was stupid. They were doing stupid gotchas like swiftboats, fake reports on GWB (Dan Rather), but couldn’t care less about things like the CIA and the crack cocaine connection[1], or lots of other things the government gets away with (including Clapper's total information awareness unconstitutional surveillance efforts). The press is always carrying water for someone but that someone is rarely the public unless it's just pure coincidence.

[1] there was one reporter who dared but the toll from the story resulted in his suicide, some years later. His colleagues poo-pooed his reporting on the connection.

hypeatei 16 hours ago||||
There is so much corruption and impropriety in this administration that skeletons don't matter anymore. Looking at what sunk officials in previous administrations provides a sense for just how far gone we are, but it's not an indicator of what future consequences will be.
Loughla 13 hours ago||
Dan Quayle lost a serious bid because he couldn't spell potato.

Now look at where we're at. It really is wild. Right, wrong, or indifferent. How far we've shifted is absolutely wild.

throwaway27448 11 hours ago||
Dan Quayle also had the charisma of a potato. Let's not overfit this curve.
stronglikedan 16 hours ago|||
[flagged]
snapcaster 16 hours ago|||
This simping is such a bad look. Why go to bat for a man who wouldn't piss on you to put out a fire? Act like a man jesus christ
thejazzman 16 hours ago|||
Trump is currently in office ;)
tencentshill 17 hours ago|||
Surely we are currently clean on OPSEC. There couldn't be any precedent for government officials using private email servers for confidential information!
vessenes 16 hours ago||
obligatory - that first famous private server was done because someone wanted a blackberry like Obama had, and was told no by NSA. Man that BB keyboard was good.
bookofjoe 16 hours ago||
Check this out (can't wait til mine arrives): https://www.clicks.tech/
connorgurney 12 hours ago||
I’ve been using a Clicks case since the early days and have personally loved every second of it but it’s definitely an acquired taste. Let us know how you find it.
rurp 16 hours ago|||
Are we talking about the same FBI director here? Professional and competent are not how I would describe Kash Patel. Given his overt buffoonishness and the whole administration's disdain for procedure and expertise I would be shocked if he didn't have extremely inappropriate content in his inbox.
conception 16 hours ago||
I believe “if” is doing a tremendous amount of work in parent’s comment.
firefax 16 hours ago|||
>his personal email should be pretty uninteresting except for stuff like HIPAA

medical diagnoses can be incredibly useful in understanding past and future actions

>there shouldn't be anything damning to release. ie, there ought not to be if the director is acting professionally

that "if" is doing some heavy lifting given who we are discussing

embedding-shape 17 hours ago|||
> his personal email should be pretty uninteresting except for stuff like HIPAA, amazon purchases, communications with friends / family. (good for HUMINT) But other than that, there shouldn't be anything in there which should make the news. It'll be interesting to see whether or not that bears out.

Aren't these the same people who apparently used Signal with a journalist in the chat, and had military conversations in that very chat?

Color me surprised if these people haven't heard of opsec before, and mix their work/personal life all over the place.

drnick1 16 hours ago|||
> Aren't these the same people who apparently used Signal with a journalist in the chat, and had military conversations in that very chat?

Signal is one of the most secure communication platforms out there, but it is obviously not immune to human error or social engineering.

mikeyouse 16 hours ago|||
Also wildly illegal to use to conduct government business, especially confidential government business. (and yes the messages were auto-deleting and largely lost before anyone chimes in with technically they could be archived!)
nickburns 15 hours ago||
It was a custom (presumably DoD-approved) build. And the story gets much better than that:

https://youtu.be/KFYyfrTIPQY&t=724

embedding-shape 16 hours ago|||
Ok? Signal is not the topic of my comment really, nor has anyone claimed it's less secure than other chat apps.
everdrive 17 hours ago||||
Yes, and I wouldn't be shocked if there was classified information in there. I struggled with wording, but what I meant was "you're not supposed to be able to find classified or sensitive information in personal email, but who knows what will be the case here."
throwa356262 17 hours ago||||
[flagged]
embedding-shape 16 hours ago|||
> The investigation has led to turmoil within the Defense Department, raising tensions and the firings and resignations of several top DoD officials, including former Chief of Staff Joe Kasper. [...] On May 1, 2025, it was revealed that both national security adviser Mike Waltz and his deputy Alex Wong would be leaving their posts in the National Security Council

Let me guess, the "leak" was intentional just to break a bunch of laws and to cause a bunch of people to get fired and leave their posts?

apercu 16 hours ago||
They do a lot of mental heavy lifting to support a corrupt and incompetent administration- sunk cost fallacy I imagine.
Forgeties79 16 hours ago|||
The facts simply do not bear this interpretation out. Investigations and heads rolling for a stage whisper? Nah
dmix 16 hours ago|||
Signal started being used during the Biden administration, the issue was how they were managing contacts which could be added to groups. They weren't carefully vetting access and a journalist with the same name as another military guy was added to the group by accident.
apical_dendrite 16 hours ago||
Source?
dmix 15 hours ago||
The public record of a contract to the Israeli company which handled archiving Signal chats for the DoD was done during Biden admin. And it's been well reported if you just Google it:

> Alexa Henning, spokesperson for the Office of the Director of National Intelligence, tweeted last week that “widespread use” of Signal began under the Biden administration, adding that “at ODNI, when I got my phone, it was pre-installed.”

https://www.politico.com/news/2025/04/02/inside-the-hazy-fra...

apical_dendrite 14 hours ago||
You're missing some key distinctions. The issues are: 1) putting classified information into a non-classified system; 2) putting information that needs to be preserved under laws like the presidential records act into systems where it's set to be auto-deleted. Both are illegal. Simply saying that the Biden administration pre-installed Signal is irrelevant. There are legitimate uses.

Your own article makes this exact point:

> Matthew Shoemaker, a former Defense Intelligence Agency analyst who left the agency in 2021, said that while Signal was used during his time in government, “it was almost exclusively restricted to scheduling purposes,” such as letting their boss know that they’ll be late to work because of personal circumstances. “That’s why Signalgate is all the more staggering — because these senior leaders were doing the exact opposite of what even my most junior intelligence officers knew not to do,” he said.

You're doing bullshit partisan whataboutism. "well the democrats did it first".

This has nothing to do with adding the wrong contacts. It has to do with putting highly-sensitive material into Signal to circumvent the law around records preservation and as a result creating a situation where it's possible to accidentally add the wrong contact and therefore exposing that information to a journalist.

dmix 7 hours ago||
> This has nothing to do with adding the wrong contacts. It has to do with putting highly-sensitive material into Signal to circumvent the law around records preservation

My comment above already mentions public records of the DoD contracting out archiving of the Signal chat, so it doesn't in fact circumvent laws around preservation.

> You're doing bullshit partisan whataboutism. "well the democrats did it first".

I don't think it's a huge sin for government workers to be using Signal, remote work and messaging is the new norm and they will use something whether we like it or not, and Signal is the least bad option. I don't blame the Biden DoD for experimenting down that road at all, as I'm skeptical they'd build something better internally - and to your hyperpolitical points I don't see large distinctions between these type of tech choices between administrations (the DoD staff largely remains the same even when presidents change).

The issue with encryption and security will always be human security practices come first-and-foremost, technology second. They failed an OPSEC checklist when using group chats and need to implement better identification management. That's the sort of lesson that large organizations frequently need to re-learn the hard way when adopting new (and often better) things.

This was just a good lesson in security hygiene

fc417fc802 41 minutes ago||
I'm not clear on the verdict here.

1. Classified information. Was it legal to put that into the DoD approved Signal build? The media coverage at the time gave me the impression that it was not.

2. Records keeping. Were the Trump admin chats in question properly archived then? I had been led to believe that they weren't. Do you believe that to be incorrect?

> I don't blame the Biden DoD for experimenting down that road at all

The person you're replying to never criticized them for such.

bitwank 16 hours ago|||
Yeah, the fact they announced it proves it’s nothing. I saw a picture of him smoking a cigar. We’ve already seen him drinking beer and acting foolish; probably enough to get you executed in Isfahan, but a giant nothing in the USA.
GorbachevyChase 10 hours ago|||
We’re not getting any juicy leaks from it because it’s just full of 20-year-old memes and meeting invites to look busy.
BigTTYGothGF 16 hours ago|||
Those "should"s are doing a lot of heavy lifting.
JeremyNT 16 hours ago|||
> The real test: his personal email should be pretty uninteresting except for stuff like HIPAA, amazon purchases, communications with friends / family. (good for HUMINT) But other than that, there shouldn't be anything in there which should make the news.

I have no idea why this would be the default assumption for somebody as sloppy and erratic as Patel. Look at how many people were emailing damning stuff to/from Epstein's personal email accounts from their own personal email accounts!

lanevich 16 hours ago|||
[dead]
nullable_bool 15 hours ago|||
Gone are the days of the strong silent type running the roles of high power in the government. He is a real embarrassment and I feel sorry for his mother.
BigTTYGothGF 13 hours ago||
> Gone are the days of the strong silent type running the roles of high power in the government

What, like J.Edgar?

snovymgodym 14 hours ago|||
> I feel sorry for his mother.

In all likelihood his upbringing is what made him this way.

acuozzo 12 hours ago||
You think so? Peers, in my experience, have an even greater impact, especially between the ages of 10 and 25.
TheGRS 13 hours ago|||
Gone only because current leadership kicked them all to the curb and told them to get out of Washington. Only loyal talking heads are wanted there now.
paxys 14 hours ago|||
The strong silent types were all fired for being "woke". We collectively decided that incompetence should be the top qualification for all positions of power, and the results are obvious.
unparagoned 9 hours ago||
It’s all fine since he didn’t use it for official business right, right…
drfloyd51 7 hours ago||
The FBI just made a bounty to find who hacked family photos.

I am sure the FBI will do that for my family too right?

Or were more than family photos hacked?

kingo55 6 hours ago||
Maybe the family un-friendly kind?
pnw 9 hours ago|||
Based on the links in the articles, it's personal photographs and a resume from an old Gmail account. The resume dates from 2017.
justonceokay 13 minutes ago||
If they got into the account they got everything. The publicly released pictures are more of a taunt meant to publicly signal that he’s fucked. I would bet (figuratively) that anything of actual value is either being sold or leveraged. After all this is a man that has shown an almost infinite capacity for humiliation.
justonceokay 9 hours ago|||
Or more likely unofficial business
jnaina 2 hours ago||
apparently it was a gooner account for one of the popular adult websites.
dlev_pika 9 hours ago||
I still can’t get over the fact that *Kash “Stay in my lane” Patel* is heading the FBI
reddozen 7 hours ago|
you mean best selling children's book author Kash Patel who is desperately trying to scrub the internet of his music video[0] revising the Jan 6 insurrection

[0] https://youtu.be/TPF_e2E5F74

paxys 14 hours ago|||
I feel like sending phishing emails for penis enlargement pills would take down half the current administration.
penguin_booze 13 hours ago||
I know someone who will be interested in bigger hands--big beautiful hands.
Muhammad523 13 hours ago||
I must say, I'd prefer if my hands remained the same size they are now. I don't want to lose my dexterity. Slightly offtopic
disantlor 14 hours ago||
worth a try
paxys 16 hours ago||
A couple of DOGE teenagers were able to casually walk in and steal the entire country's social security and healthcare data (and probably more), and we were cheering them on. There is still no accountability, and it has probably already been sold to the highest bidder. So this would be the least surprising thing in the world.
Wololooo 16 hours ago||
We? I don't think I've seen anyone but the people absolutely not understanding the gravity of the situation were cheering on. And I'm not even American.
quantified 11 hours ago||
"We" is such an imprecise word for a pool of people. I believe Chinese has two flavors, "zanmen" including the listener too, and "women" excluding the listener. Obviously "we" did not elect Trump, only "a majority of the US voters who voted", and even the others may sadly use "we" though they didn't, because they are members of the political body that did. Just like the "they" of Israel that harass Palestinians and throw up West Bank settlements do not reflect all of Israel, and the average Soviet citizen did not reflect the behavior of the Soviet government.
Drakim 11 hours ago||
In English, you can say "we" or "they"
drstewart 16 hours ago|||
[flagged]
magicalist 15 hours ago||
I don't know if this is an irony thing I'm not getting, but we know they had untracked access to data they shouldn't have (violating data access rules and orders from a judge), and there is a whistleblower accusation that the data was retained and some DOGE staffers were at least talking with other groups who could use the data.

Meanwhile how would Hunter Biden, not a government employee nor having access to government systems, get that data in the first place?

drstewart 13 hours ago||
Hunter Biden was accused of many crimes too. He probably got access from his dad.
Gud 12 hours ago||
“Probably” sources please. We know for a fact that unvetted jerks(“big balls” and so on) had access thanks to Donald Trump.
firefax 16 hours ago||
Allow me to put on my tinfoil hat for a moment and propose that maybe DOGE did loudly what the Solarwinds paired with OPM breach did quietly years prior.
fn-mote 15 hours ago||
OPM was much more serious. Equifax had already leaked the social security data and more.
mplanchard 15 hours ago|||
Link if you want to look: https://bsky.app/profile/ddosecrets.org/post/3mi2iokglyn2w
FlamingMoe 14 hours ago||
Interesting comment: "if Iran ends up responsible for regime change in the US, i will be overjoyed as i die from irony"
pogue 13 hours ago|||
Anybody dug through it yet?
smrtinsert 14 hours ago||
Is it legal to download something like this?
paxys 14 hours ago|||
Legal or illegal doesn't really matter. If the regime wants to come for you they will.
fluidcruft 14 hours ago||||
You can't prove you didn't (and the fuzz will produce evidence you did).
kaliqt 12 hours ago||||
Legality matters now least of all to either side.
Muhammad523 13 hours ago|||
I don't know. I think downloading it with Tor would make it almost impossible to find out you downloaded this stuff anyway.
macNchz 16 hours ago||
I've been wondering if we'd see a cyber campaign emerge in this conflict. To my knowledge Iran seems to have pretty advanced cyber capabilities and increasingly fewer reasons to hold back. Gloves-off cyber war doesn't sound good to me. The US CISA has already been cut back, has lost "virtually all of its top officials"^, doesn't have a permanent director, and is operating at a further reduced capacity because of the DHS shutdown.

^ https://www.cybersecuritydive.com/news/cisa-senior-official-...

mandeepj 16 hours ago||
> To my knowledge Iran seems to have pretty advanced cyber capabilities and increasingly fewer reasons to hold back.

Iran isn’t alone!! They are a quad along with China, Russia, and North Korea.

Painsawman123 16 hours ago||
That's the thing that people overlook the most in regards to this war. Iran isn’t doing this on its own. Russia, China and North Korea have been backing it from the start. They’re the ones helping with intel on US base locations across the Middle East, supplying drones, and working out strategies to drag things into a stalemate, plus whatever else Iran needs along the way
epolanski 16 hours ago|||
Can you blame them? Iran is fighting for its own survival and has to find help where it can.

If the US had an educated administration not composed by lap dogs they would've known that attacking Iran was going to be a terrible idea.

Saddam did the same mistake in 1980.

He thought that the Iranian Kurds, the political opponents, the Iranian Arabs, civilians were going to rise against the regime.

None of this happened. None. In fact, hundreds of thousands of people, even kids, rallied around the banner. There are documented stories of 13 year olds, jumping on barbed wire to use their bodies as bridges for infantry. Disgusting, yet telling of the fact that the Persians will do everything to defend their land even if they don't like its leadership.

It's very difficult to convince people you're bombing left that you're helping them get rid of a regime (which, you never know for sure how popular or unpopular it is).

Iranians, yet again, are rallying around the flag for what is effectively a foreign aggression.

kstenerud 16 hours ago|||
Iran has been preparing for this war for 40 years. So has Israel. They will engage in a battle of supremacy over the Middle East. Both want the USA knocked out so that the Americans can't use their influence there anymore (both consider the USA a nuisance).

As soon as ground troops land in Iran, it's over for the USA. As it is, oil and goods shipping via the Persian Gulf and the Red Sea will be controlled by Iran for a very long time to come. All Iran has to do is withstand the pummeling, which it very likely will do. And they'll get plenty of support from China, since this plays into the South China Seas plan quite nicely as the USA moves carrier after carrier out of Asia.

40four 14 hours ago|||
The thing getting overlooked is all of the recent moves by Trump all lead back to China. Venezuela, Cuba, now Iran. These are all tentacles of China. The aggression against these 3 countries is not a coincidence. It’s a concerted and indirect attack on China in an attempt to weaken their subsidiaries. In the eyes of this administration, this is unpleasant, but necessary housekeeping that should have been done decades ago but no one was willing to spend the political capital to do it.

In Iran, Trump was clearly hoping (and verbally requested) the same thing you say about Saddam. I think we actually do know how unpopular the regime is, the mass protests demonstrated that. But the religious hardliners are the ones with the guns. And they clearly aren’t afraid to use them. So while there was some momentum, after everyone got gunned down in the streets by the IRGC it quickly deflated. So asking unarmed protesters to step up again is kind of big ask, without any material support.

chirau 13 hours ago|||
Iranian protesters were not calling for US interference. Let's be very clear about that. They were doing it for their own regime change, not some US imposition. What they think of the US or whether they are for this war or supposed regime change by the US is a totally different consideration.
mandeepj 11 hours ago|||
> The thing getting overlooked is all of the recent moves by Trump all lead back to China.

Are you trying to frame the twice accidental president as some sort of visionary? He doesn’t even remember what he said 5 mins ago. If he had planned or even had any clue about wars, we’d not be in this mess. He insulted Zelenskyy last year but ended up asking for his help.

Do you recall orange phenomenon was asking for China’s help just last week, let’s wait for it, to act against their friends, which you called their subsidiaries :-). You can’t script this horror show, even if you wanted to.

epolanski 9 hours ago||
Also, he's pushing the world towards China.

And rightfully so. China isn't killing and kidnapping world leaders, supporting genocides in Gaza, launching military operations, threatening its allies of annexation or overtly interfering in their democratic process.

limagnolia 15 hours ago|||
Russia and North Korea are obviously doing so, but I haven't seen any direct evidence that China is providing intelligence support to Iran, do you have any links? It is certainly plausible, China would love to see Russia tied up in Ukraine and the US tied up in Iran.
40four 16 hours ago|||
I forget all the details but a hacker group associated with Iran already hacked the infrastructure of a major US health care tech company
derwiki 16 hours ago||
Stryker. FWIW a friend in ER medicine said it had very very limited effect.
40four 15 hours ago||
That’s right thanks. The same Hacker group as this story. Yeah I didn’t hear much after the initial breach so I assumed it was minor.

Edit: apparently 80000 employee workstations got remotely wiped. So I guess I wouldn’t call that minor.

Also that’s what I get for commenting before reading the story, they mention the Stryker incident in the story lol

mattbis 16 hours ago|
I really want to know how they did it.. was it some terrible password?

He doesn't strike me as the kinda person even using a local password manager; like keepass.

Somebody needs to find this out.

I doubt it was gmail support... surely it could not be via his phone sim, and if he didn't have two factor on; That would be so funny.

I'm tempted to check out the dark web or the telegram, but I'd rather not do either of those things.

danso 16 hours ago||
I too am very curious about this. Even if his password was exposed and he didn’t have 2-factor auth, doesn’t Google by default ask for confirmation — e.g. texting a number or backup email associated with the account — when seeing an unrecognized device? Maybe he didn’t have any alt contact methods associated with his account?

(which might not be that unusual, he’s old enough to have opened a gmail account upon launch, before extra info hoops were put in place, and maybe he never touched his account config in the past 2 decades?)

mattbis 16 hours ago||
You are probably right... I tend to change my password semi often. It's always a super complex impossible to remember string - and always keep an eye on the account activity.

Not to mention ; you would assume he should have more than one device linked to the account and then that adds another layer, since Google will ask you " is this you trying to logon ". <-- that is the only way to get Google to do the unrecognized flow you mention.

If you are suggesting it was exposed and he didn't immediately randomise all his passwords.. WORDS FAIL ME

It's all security 101 the irony is immense...

if the US government / FBI need someone to give some talks on how to do security ...

ffsm8 15 hours ago||
Changing a password that's randomly generated is security theatre. It doesn't meaningfully improve security

Also it's entirely possible they only compromised a honeypot.

Considering their track record, that's actually more likely tbh

mattbis 15 hours ago||
Honeypot sure I didn't think of that.. But I was under the impression the FBI confirmed it ? So we can rule it out.

Making the password impossible to guess - how could that not be?

Since then you know you have a breach, as its randomised gibberish, if you then get the 2nd device asking " is this you trying to login " you can definitely know you are compromised....

I can't see your logic here, that isn't " theatre " ????

If you think that is theatre what is better then? Words and numbers.. easily brute forced.. Sorry can't agree.

ffsm8 15 hours ago||
Why would they willingly destroy their successful honeypot if the other party announced they've access to it?

I haven't seen what's in it either though, but I would not rule it out yet, especially when the FBI is involved - which love those tactics

When you're compromised, changing the password is obviously not theatre - but changing a password which is randomly generated with enough entropy is what's pointless theatre. A secure password is secure, esp. If you're already using a password manager then the act of changing isn't meaningfully increasing your security (unless you're aware that your password was compromised) because the way to compromise it is what...? Having a keylogger on a device you logged in on? Then the changed password will be just as compromised

mattbis 15 hours ago||
That's why keepass is really useful since you aren't ever typing in the password.. its generated and then copied to the clipboard.. That clipboard is then wiped after X seconds.

So then you know that you have been rooted => If that fails to resolve it.

Reduce the number of vectors to know what you have to change asap. in this scenario you don't want to be guessing about how they did it.

The randomised gibberish just means you can rule out certain things. I can agree on part of what you're saying but a strong high entropy password, makes it harder to brute..

Many services don't really do that whole retries thing properly. So make it take as long as possible.

If you don't use a random gibberish your password can be cracked on any consumer device in a surprisingly short amount of time...

This way you can then focus on that a session token is probably how they got in.. It's the most common vector these days...
