A Twitter account named “Penis,” sporting a Buzz Lightyear avatar and pro-Palestinian message, has just released the names, job titles, and phone numbers of apparently more than 22,000 FBI employees and contractors.
Phone calls to a number of those named indicated that yes, the names and phone numbers are indeed correct. Some refused to answer any questions, and instead simply asked for this reporter’s identifying phone number.
Penis tweeted a link to the online database Monday afternoon, along with a password to decrypt it: “lol.”
The news came as no surprise to people following Penis. He gave the information to Motherboard on Sunday, which wrote about his plans to release. Penis accomplished this, he said, the old fashioned way: by tricking a government employee into thinking he was a colleague, claiming he’d lost his access to an employee portal, and finding the information on the Department of Justice Intranet.
The contents of what he was able to acquire—Penis didn't release anything beyond names, job titles, phone numbers, or email addresses—were less impressive than the scope of what he published. Though the entries number more than 22,000, the listed names, arranged in alphabetical order by entrants' last name, are cut off midway through the Js.
The FBI, which investigates most major hacks of U.S. companies without publicly confirming so, didn’t comment, and referred the Daily Dot to the DOJ.
In a statement provided to the Daily Dot, a DOJ spokesman said that “This unauthorized access is still under investigation; however, there is no indication at this time that there is any breach of sensitive personally identifiable information.”
A number of government agencies have been breached recently. Not all are as glaringly large and serious as that of the Office of Personnel Management (OPM), in which the human resource files of some 21.5 million government employees were exposed. Some are similarly childish. In October, a then-13-year-old hacker who goes by “Cracka” hacked the AOL account of CIA Director John Brennan, also relying heavily on social engineering.
Penis didn't respond to request for comment.
Additional reporting by William Turton.
Photo via Matt Churchill/Flickr (CC BY 2.0) | Remix by Max Fleishman