French President Sarkozy’s bank account hacked

Cyberthieves have stolen money from the personal bank account of France's president, Nicolas Sarkozy.

The criminals reportedly managed to obtain Sarkozy's online username and password, and removed several small sums of money from the account.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

Reports state Sarkozy noticed that small amounts of money had disappeared from his account last month, and informed the police of the losses.

The French government has begun an investigation into the theft, according to AFP reports. Luc Chatel, secretary of state for consumer affairs, said: "An inquiry is underway, the President of the Republic has filed a complaint. ... We will see if there was fraud in a way in which the perpetrators can be sanctioned."

The French government needed "to reflect on how to improve the [internet banking] system," he reportedly told French radio. At the time of writing, the French Elysée, Sarkozy's office, had not responded to a request for further comment.

The thieves may not have known that the account they had accessed was Sarkozy's, a source "close to the inquiry" told AFP. "This was a classic case of data piracy, likely by one or several low-level swindlers," the source said.

Sarkozy is the latest high-profile politician in recent weeks to fall victim to hackers. Last month, U.S. vice presidential candidate Sarah Palin's e-mail account was compromised.

Graham Cluley, senior technology consultant at security software firm Sophos, said the latest incident demonstrated that politicians need to understand the potential danger of hackers accessing their PCs and stealing information.

"It shows that anyone working in a position of authority needs to make sure they have good PC security in place," he told Computerworld UK. "They have sensitive information on their computers, even potentially embarrassing data, and they don't want it to become public."

There was no way of knowing yet how Sarkozy's accounts had been accessed, Cluley said, but asked whether keyloggers could have recorded his password as he typed it in, he said it was "possible."

For users to prevent themselves becoming a target, Cluley said, they need proper defense against spam, phishing and malware.

"The first step is to defend your computer with anti-virus software, and in that way you can prevent keyloggers from grabbing your access details. You also need good anti-spam and anti-phishing protection."

It was vital for people to use authentication devices, if sent to them by their banks, he said. These devices continually generate a random access number between the user and the bank, helping to reduce fraudulent access.

Computerworld UK is an InfoWorld affiliate.