Another Rupert O’Dwyer Revelation – PRSA Documented Website Hacks

For JO, Kisses - Rupe

Amazingly, there’s a new revelation in the PRSA Phone Hacking scandal involving Jack O’Dwyer and his publication.  Vice President of Public Relations for PRSA Arthur Yann revealed in a comment on this blog yesterday that PRSA has evidence that someone accessed the private, password-protected, members-only section of PRSA’s website from an IP address traced back to O’Dwyer’s PR.

To wit:

“Regarding § 156.10 Computer Trespass, you and the readers of your blog may also find this interesting: Monitoring tools used to track visitors to PRSA’s website determined that a computer with an IP address registered to the J.R. O’Dwyer Company made 11 unauthorized attempts to access the password-protected, members-only area of our website between March 4 and April 3, 2008.”

Whereas the conference call information has some gray surrounding it, analytics data capturing IP address information and tracing it back to the source is pretty black and white.

This is why it’s a bad idea to do anything online that you wouldn’t want coming to light; there’s invariably a trail of evidence left on a server somewhere.  It’s going to be interesting to see the contortions required by O’Dwyer to justify this sort of intrusion if the evidence exists to support them.

But hey, I’m just a goofball, so take what I say with a grain of salt.

7 thoughts on “Another Rupert O’Dwyer Revelation – PRSA Documented Website Hacks

  1. TioSam says:

    As much as I’d like to get on this badwagon post haste, I need a few questions answered.
    1- How many employees does good ‘ole JR employ?
    2- Does JR even know how to access the interwebs for himself (especially back in 2008)?
    3- Did the server data show telnet or other “coding” attempts in the entries or was it simply someone tried to log-in and failed?

    The third I think is most important as I frequently try to access sites for which I do not have a password, does this mean I am “hacking?” Perhaps I forgot my PW, didn’t think it really required a PW, wanted to show a buddy how ridiculous it was that someone encrypted such and such page, or my browser kept sending requests to the page (i.e. IE crashes and automatically tries to go to the last sites)…

    Just a few thoughts. Oh, and I still want on this bandwagon yo!


    1. Arthur Yann, APR says:

      TioSam: No telnet access attempts. An IP address registered to the O’Dwyer Co., was recorded logging in via the accounts of multiple members, whose passwords had been compromised somehow. Once these specific logins were disabled, we saw several failed log-in attempts from the same IP.


      1. TioSam says:

        Arthur: Thanks for the additional info. The usage of compromised passwords adds additional intrigue… This may be deeper and uglier than my original light-hearted response assumed.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s