Tulsi Gabbard is an American politician who served as a Congresswoman for the Democrats from 2013 to 2021, being a member of various national security committees. After her party switch in 2024, she became the Director of National Intelligence. It has now come to light that she does not take security very seriously herself.
Note. The featured image is a symbolic image from Pexels, not of Tulsi Gabbard.
What about the passwords? The American computer magazine Wired examined publicly accessible databases with leaked passwords and discovered access to accounts of US politician Tulsi Gabbard, who at that time as a Congresswoman had access to sensitive data.
For those 8 years, she earned, according to a disclosure report of her finances, the usual salary of 174,000 US dollars per year, now about 155,000 euros. As Director of National Intelligence, all of the US intelligence agencies, including the CIA, FBI, and NSA, are now under Gabbard’s authority.
Nonetheless, she made a simple mistake regarding her own data security (via 3D Juegos).
Politician committed one of the biggest no-gos in cybersecurity
What mistake did she make? As Wired noted, several of the politician’s accounts have been affected by data breaches for years. However, she consistently used the same password – which is a serious error that makes it unnecessarily easy for hackers to access data.
The password Gabbard used appears in releases from 2017, known as Combo Lists, related to an email address for her personal website. However, the data was compromised even before that. Combo Lists are lists of access credentials that are compiled and sold by cybercriminals.
In a list from 2019, the same password is found for her Gmail account. According to records dating back to 2012, she reportedly also used it for her accounts with services like Dropbox and LinkedIn.
The password also appears in connection with another email address in data leaks from 2018, where it was allegedly used for accounts with the fitness app MyFitnessPal and the e-commerce website HauteLook.
However, there is no evidence that Gabbard used the password for government accounts.
The politician reportedly used the word “shraddha” for her password. According to reports from the Wall Street Journal, she received the name Shraddha Dasi
when she joined the Science of Identity Foundation, which is considered by some to be a cult. Gabbard’s deputy chief of staff denies any connection with the SIF.
A spokesperson for the politician also pointed out to Wired that the data leaks are nearly 10 years old and the passwords in question have since been changed multiple times. She also denies any connection to the SIF.
Why is this a problem? In general, you should not use publicly available information about yourself as a password. Names with personal relevance are often easy to find out.
Using the same password multiple times makes it easier for thieves to access more of your accounts once your credentials are leaked. On MeinMMO, we have provided you with 7 tips for strong passwords and why you need them.
In Japan, an authority was specifically created to fend off such hacker attacks. However, there was an embarrassing incident that went unnoticed for many months. You can read more about this here on MeinMMO: Japan established an authority for cyber security – discovered 9 months later that it had been hacked
