Dutch politician's social media accounts hacked by journalists

RTL Nieuws managed to break into the social media accounts of various politicians by using previously leaked passwords. With some of them, including the Twitter account of SGP leader Kees van der Staaij, the journalists left a message to show that they were there.

"This account has been leaked and is therefore vulnerable to hackers. Signed Daniel Verlaan and Siebe Sietsma of RTL Nieuws", a tweet read on Van der Staaij's account. The tweet has since been removed. They also broke into CDA Pieter Omtzigt's LinedIn account and various other unnamed politicians' Facebook accounts.

The journalists broke into the accounts using passwords that leaked in previous major data breaches, for example at LinkedIn, Dropbox and Adobe. The passwords were encrypted, but were also linked to an email address or user name. So it was possible for the journalists to figure out who the passwords belonged to. They then decrypted the passwords and tried to use them to log on to various other social media accounts of the politicians.

The broadcaster says they hacked into the accounts because politicians' internet security is "an important and topical subject". The involved politicians were not informed before RTL published its story. The broadcaster did not say whether the accounts contained any sensitive information.

NU.nl spoke to internet lawyer Arnoud Engelfriet about what RTL Nieuws did. "In itself is illegal to break into an account. That is called computer intrusion and has 1 year in prison linked to it", the lawyer said to the newspaper. "But RTL will say that they did this out of journalistic interest and without causing any damage. Then proceedings are usually discontinued. The interest in showing major abuses is then heavier than the penal interest in prosecution."