Update: Tennessee man indicted for hacking Palin's e-mail account

A 20-year-old Tennessee man has been indicted for hacking into an e-mail account of U.S. vice presidential candidate Sarah Palin, according to court records.

David C. Kernell was indicted Tuesday on a single charge of accessing a protected computer by a grand jury in U.S. District Court for the Eastern District of Tennessee in Knoxville. The indictment, which carries a maximum sentence of five years in prison and a $250,000 fine, was unsealed Wednesday, the U.S. Department of Justice said.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

Kernell, from Knoxville, turned himself into law enforcement authorities on Wednesday and was released the same day after pleading not guilty at his arraignment. His trial is set for Dec. 16, according to a statement from his attorney, Wade Davies.

David Kernell is the son of Mike Kernell, a Democratic state representative from Memphis.

The three-page indictment alleges that Kernell gained access to a Yahoo e-mail account used by Palin, the Republican governor of Alaska, on about Sept. 16. Palin was named Senator John McCain's vice-presidential running mate in August.

The next day, Wikileaks.org published several screen shots of Yahoo e-mail messages, e-mail addresses of Palin family members and associates, and other data that hackers claimed to have obtained from Palin's private account.

A hacking group known as Anonymous claimed to have gained access to Palin's gov.palin@yahoo.com account and sent the information to Wikileaks, which acts as an anonymous clearinghouse for leaked documents.

"Governor Palin has come under criticism for using private e-mail accounts to conduct government business and in the process avoid transparency laws," Wikileaks wrote in a note accompanying the material. "The list of correspondence, together with the account name, appears to re-enforce the criticism."

Bloggers had fingered Kernell as a suspect after linking him to the online name "rubico," used by the hacker who claimed to have accessed Palin's Yahoo account. Rubico claimed to have accessed the account by using Yahoo's password reset feature and answering security questions with publicly available information, and the indictment supports that claim. He guessed correctly that Palin had met her husband at Wasilla High.

The indictment alleges that Kernell posted screenshots of Palin's e-mail messages, e-mail addresses of her family members, pictures of her family and at least one mobile phone number to the 4chan.org Web site. It's unclear in the indictment how the information came to Wikileaks from 4chan.org, an image-based bulletin board.

Another person also reset the account's password and was able to access Palin's e-mail account, the indictment said.

According to a report in the Knoxville News Sentinel, Kernell was released on the condition that he stay away from computers. He is also barred from leaving east Tennessee without the permission of his parole officer.

When U.S. Magistrate Judge C. Clifford Shirley told him not to discuss the case with any potential witnesses, Kernell asked if that included his girlfriend too.

This story was updated on October 8, 2008