The EC-Council, a US professional organization that offers a respected certification in ethical hacking, was itself hacked this weekend. Passport and photo ID details of more than 60,000 security professionals who have obtained or applied for the EC-Council's Certified Ethical Hacker certification are at risk after the breach, many of whom work in sensitive political and military positions. They include members of the US military, FBI, United Nations, and National Security Agency.

Among their number is Edward Snowden, whose passport and application email for the certification were used to deface the EC-Council's homepage, alongside the message "Defaced again? Yep, good job reusing your passwords morons." It appears applicants for the CEH qualification emailed their passport or photo ID details to the EC-Council. The self-described "certified unethical hacker" responsible for the attack reportedly used a DNS redirect to access those details, which were stored in an inadequately protected location. The hacker — who calls him- or herself Eugene Belford after the character in 1995's Hackers — said that he was "sitting on thousands of passports belonging to LE (and .mil) officials."