The illegal access gained to Sarah Palin's personal Yahoo e-mail account should serve as a lesson for anyone using third-party e-mail services. It didn't take a rocket scientist or a brain surgeon to figure out how to get in, but rather a little searching, a few guesses, and a little luck.

The attack was executed by 4Chan's random /b/ board, which has helped popularized the lolcats and is a favorite hang-out of the "Anonymous" group known for launching large-scare anti-Scientology protests. Tuesday evening, a member of the /b/ board broke into vice presidential candidate Sarah Palin's e-mail account at Yahoo. They read the e-mails, and then posted the account username and password on the board. Naturally, others also became curious, and various /b/ boarders accessed the account, not forgetting to take screenshots as proof.

The member that initalized access to Palin's account gained access through Yahoo's password recovery feature. Using Wikipedia, the member in question began to fill in the answers.

A message posted to the board explains the process:

after the password recovery was reenabled, it took seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)
the second was somewhat harder, the question was "where did you meet your spouse?" did some research, and apparently she had eloped with mister palin after college, if youll look on some of the screenshits [sic] that I took and other fellow anon have so graciously put on photobucket you will see the google search for "palin eloped" or some such in one of the tabs.

I found out later though more research that they met at high school, so I did variations of that, high, high school, eventually hit on "Wasilla high" I promptly changed the password to popcorn and took a cold shower...

So there you go, the criminal invasion of Gov. Palin's privacy was not perpetrated by a criminal mastermind or super-hacker. It required little-to-no expertise and knowing a bit of personal information about the victim. Being a public figure, much of the information needed was easily found online. Being a nobody, however, won't keep you safe from a similar attack - anyone who knows you personally with a malicious intent could do the same!

Meanwhile, on a related note, the FBI is investigating the security breach. It probably won't long until the identity of the individual behind the hacking is revealed, but some saavy bloggers have already begun their own hunt and think they may have stumbled upon the guy.