Feeds

Hackers claim to have Mitt Romney's tax records

But beware bait and switch fakery

Combat fraud and increase customer satisfaction

Various media outlets, including El Reg, have been sent a message claiming to be from a hacking group that has stolen the tax records of Mitt Romney and threatens to release them on September 28.

The writer claims to have taken Romney's 1040 filings from the offices of PricewaterhouseCoopers in Franklin Tennessee and copied them onto flash drives. A copy has been sent to both the Republican and Democratic parties and the author includes a code phrase for use in further emails. Similar messages have also mentioned that the files are available for sale to anyone willing to hand over a million dollars in bitcoins.

PWC has said that as far as it is aware nothing is missing and that the Secret Service has been asked to investigate. The local Republican headquarters in Tennessee has confirmed that it received a package, but handed it straight to the police.

Republican presidential candidate Romney has come under fire in recent months for releasing very little information about how much tax he paid before 2010, although he assures the electorate he has paid at least 13 per cent a year, well below the national average. Democrats have called for him to make more information public, but he is refusing to do so.

But before you get all excited it's worth taking a step back and thinking this through, as we did at El Reg offices when the message came in. The case has strong similarities to a case eight years ago that also come up during the height of the presidential campaign: The Killian Papers.

In 2004 President Bush the Younger was facing a re-election campaign against his opponent John Kerry. Kerry had got the nomination in part because he was a Vietnam veteran, whereas Bush had sat out the war as a reservist in Texas.

In September 2004 CBS went public with what it claimed were conduct reports from Bush's National Guard days, written by his old commanding officer Lieutenant Colonel Jerry B. Killian. The documents stated that Bush had missed a scheduled medical and that pressure was placed on Killian to give the president-to-be a favorable job review.

After the story had broken it almost immediately started to fall apart. Some of the documents were clear forgeries and the person who supplied them to CBS admitted that they had been made up. There were several resignations and the whole thing effectively killed the issue from a political standpoint.

So with this in mind at El Reg we've been stepping carefully, checking all available sources and waiting until we saw some evidence before making wild claims. Now that the Secret Service is involved it's a story of sorts, but even if the final documents do get wide release El Reg would recommend readers keep their skeptics hats on tightly until some proof can be found.

Of course, the simple thing to sort out the whole mess would be for Romney to release more than a couple of years of tax information and let people decide for themselves – a practice Romney's father followed but that the son has yet to emulate. ®

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.