Skip to main content

No indictment for alleged Palin e-mail hacker

This article was published in Scientific American’s former blog network and reflects the views of the author, not necessarily those of Scientific American



On supporting science journalism

If you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.


A federal grand jury today decided not to indict a University of Tennessee student in connection with the hacking of Republican vice presidential pick Sarah Palin's personal e-mail. The panel let David Kernell, the son of Democratic state Rep. Michael Kernell of Memphis, off the hook—for now—but the Justice Department told the Tennessean that its  "inquiry into this matter is ongoing." The Alaska governor's Yahoo! e-mail account was broken into last week by someone with an Internet address traced to the younger Kernell's apartment complex in Knoxville, Ars Technica reports. Someone visited Yahoo!'s mail service, reset Palin's password and announced results of the break-in on the Wikileaks.org Web site. The FBI and U.S. Secret Service are investigating the incident, which was a multi-step process made possible by weaknesses in the password reset feature (found on many Web sites—not just Yahoo!) as well as proxy servers that allow people to cover their tracks as they navigate the Web. The hacker (or hackers) may have exploited the password resetting system of Yahoo's e-mail service using details about Palin's life—her birth date and zip code, for example—pulled from sources freely available on the Web.

Larry Greenemeier is the associate editor of technology for Scientific American, covering a variety of tech-related topics, including biotech, computers, military tech, nanotech and robots.

More by Larry Greenemeier