A report suggests that a phishing attack and a typo were responsible for the 60,000-strong collection of emails being hacked and placed in the public domain prior to the US presidential election, with the communications of Clinton campaign manager John Podesta falling into public hands thanks to well-worn hacking efforts by Russian intelligence workers.
That's what this massive investigation by the New York Times says at least, which seems to pin the blame for the entire thing on campaign aide Charles Delavan, who accidentally told his boss that a phishing email was "legitimate" when he meant "illegitimate" or whatever word the Americans use when they mean the opposite of legitimate.
The email, part of the Wikileaks stash, makes sense otherwise, if you read on past the use of the word legitmate, with Delavan saying: "This is a legitimate email. John needs to change his password immediately, and ensure that two-factor authentication is turned on his account. He can go to this link: https://myaccount.google.com/security to do both. It is absolutely imperative that this is done ASAP."
Blame is also attributed to Billy Rinehart, who fell for the a classic fake Google account compromised email and changed his password too -- using a fake site to do so and therefore handing his details to his attackers. [New York Times via The Register]