Mitt Romney Hotmail Hack: Microsoft to Blame?

Republican presidential candidate Mitt Romney's personal email account has reportedly been hacked. According to some observers, security weaknesses in Microsoft's Hotmail email service allowed the hack to occur.

In reality, however, slip-ups by both Romney and Microsoft facilitated the hack.

The incident occurred after the Wall Street Journal (WSJ) obtained and printed several emails sent to and from Romney during his time as governor of Massachusetts.

The newspaper did not hack the account to obtain the emails, but rather made a legal request for Romney's office to hand them over.

The WSJ argued in court that the specific messages it asked for, which deal with Romney's handling of the healthcare issue, should be considered part of the public record of his time as Governor.

When the WSJ published the emails, they revealed that Romney had been using the email address 'mittromney@hotmail.com' to carry out some of his government work. (Source: wsj.com)

Romney's Hotmail Account Violated: Claim

Shortly after that address became public, the website Gawker received a tip from a reader, who claimed he or she had accessed Romney's hotmail account and had changed the password.

According to the anonymous tipper, all that was required was the simple matter of pretending to have forgotten the account's user details and then asking Hotmail officials to reset the password, in the process correctly answering a security question.

The tipper claims the question asked for the name of Romney's favorite pet. That information was relatively simple to find, given the extent of media coverage about Romney's life.

The tipper claims not to have copied or passed on any messages in the account, but simply to have sent the new password to Gawker.

Staff at Gawker say they opted not to check if this new password would open the account, as that action could be considered a form of hacking. Instead, they say they reported the claim to Romney's office. (Source: gawker.com)

Same Tactics Used In Sarah Palin Case

This alleged incident is reminiscent of a 2008 hacking of a Yahoo email account belonging to then vice presidential candidate Sarah Palin.

That hacker, David Kernell, had reset the password by answering certain security questions, reportedly including Palin's date of birth, her zip code, and the place where she met her spouse.

Answers to all three of those questions could have been easily discovered because of Palin's very public profile at the time.

In both instances, the email providers have faced accusations of not using stringent enough security questions.

However, experts say that public figures like Romney and Palin must consider using email passwords and security questions that clever hackers would have a hard time figuring out.