Unsecure Emails Sent through Private, Webmail-Based Accounts Contained Information about Johnson’s Meetings with Kuwaiti Ambassador, Saudi Interior Ministry
Johnson’s Private Email Was So Unsecure It Was Used in Email Fraud Scam
(Washington, DC) – Judicial Watch today announced it has obtained 216 pages of documents containing official, sensitive emails of Jeh Johnson and three other top Department of Homeland Security (DHS) officials sent through private, unsecured, webmail-based email accounts. The documents include emails discussing high-level meetings Johnson was to have with the Kuwaiti ambassador and Saudi Arabian Interior Ministry officials, as well as a West African $4.5 million online consumer fraud scam.
The document production came in response to a May 23, 2016, Freedom of Information Act (FOIA) lawsuit filed by Judicial Watch after Homeland Security failed to respond to a December 29, 2015, FOIA request seeking emails “relating to official United States Government business sent to or from” Homeland Security Secretary Jeh Johnson and three other top Homeland Security officials that used “non-‘.gov’” email addresses (Judicial Watch, Inc., v. United States Department of Homeland Security (No. l:l6-cv-00967)).
This is the first production of emails sent through private, web-based email accounts of Johnson, Deputy Secretary Alejandro Mayorkas, Chief of Staff Christian Marrone and General Counsel Stevan Bunnell that were also sent to government email accounts. The emails released reveal that:
- The Kuwaiti ambassador to the US sent an email to Johnson’s unsecure email account attempting to set up a meeting for him with Kuwait’s Interior Ministry and discussing Kuwait’s Interior Minister’s having meetings with the heads of CIA, FBI and DNI.
- The US Ambassador to Saudi Arabia emailed to Johnson’s unsecure email account, discussing Johnson’s upcoming meetings at the Saudi Interior Ministry in Jeddah.
- DHS Chief of Staff Marrone held sensitive discussions with an unidentified individual regarding the earnings of Lockheed Martin and a space vehicle launch consortium between Lockheed and Boeing, which the sender said to “use wisely.” Marrone also received procurement documents related to launch vehicles and their “Launch Infrastructure Capability.”
- Johnson gave a “Progress Report” speech in which he cited the Homeland Security Department’s “strides in cybersecurity.”
- An unidentified individual spoofed Johnson’s name and email account in a phishing scam, telling recipients that they could get money from “an abandoned fund worth U.S.D. 4.5 million in West Africa” if they would send back their personal details.
Prior to the Obama administration’s leaving office, a federal court ordered the Department of Homeland Security to preserve email records sought by Judicial Watch. In petitioning the court for the preservation order, Judicial Watch argued:
A court order requiring preservation of these emails is particularly necessary now as DHS has suggested that these officials may have been acting without authorization by sending emails from these accounts … As such, there is no assurance that these officials will abide by a “request” by the agency to preserve these emails, particularly after their employment ends. …
Judicial Watch previously uncovered documents revealing that Secretary Jeh Johnson and 28 other agency officials used government computers to access personal web-based email accounts despite an agency-wide ban due to heightened security concerns. The documents also reveal that Homeland Security officials misled Rep. Scott Perry (R-PA) when Perry specifically asked whether personal accounts were being used for official government business.
“It is ironic and disconcerting that Secretary Johnson and his aides touted Homeland Security’s great ‘strides in cybersecurity’ while using unsecured, private, web-based email accounts that the Department had officially prohibited,” said Judicial Watch President Tom Fitton. “The fact that the documents found in these email accounts were so heavily redacted and that Johnson’s name and email account were spoofed in a phishing scam is indicative of just how lax communications security was inside Homeland Security during the Obama administration.”