【Karen Foster Archives】

After an election where data security became a regularly debated hot topic,Karen Foster Archives you'd think everyone in politics would, for lack of better poetry, have their shit together.

But of course, you'd be wrong.

Until very recently, Donald Trump's White House Press Secretary, Sean Spicer, had his personal website, SeanSpicer.com, listed on his Twitter profile. The site's since been wiped from the internet, but whoever scrubbed Spicer's old WordPress blog forgot to delete an important piece of the pie: Spicer's WHOIS data—or the information behind who registered a website, which left unattended, is publicly-available information—including his home address, and his personal phone number.

SEE ALSO: Hundreds of people are trolling Sean Spicer on Venmo Original image has been replaced. Credit: Mashable

We'd like to point out that Spicer also had a Yahoo email addresslisted when he registered his domain in May of 2009. Yahoo, of course, has had its fair share of data breaches confirmed in recent months.

The WHOIS database documents the owners of domain names, and includes names, addresses, phone numbers, emails, dates, and even IP addresses. While this may seem like a huge security and privacy issue, paying a small fee to your domain registrar can make your WHOIS data private, effectively hiding it from any random person (or media outlet) who decides to look it up.

Apparently, Spicer didn't feel like shelling over the $7.99/year to his domain host GoDaddy to hide his own data.

Original image has been replaced. Credit: Mashable

You can also search the WHOIS database by email, and using the email listed on his personal site, you can learn that Spicer has a total of 16 websites registered under his Yahoo address, including a defunct site named RateTheReporter.com registered in 2015.

Mashablehas blacked out some of the URLs because they were registered using Spicer’s email address for his family.

Original image has been replaced. Credit: Mashable

Spicer also registered the site TheElephantTrunk.org. Plugging it into the Way Back Machine reveals it was a site that sold Republican ties. Cute!

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

Original image has been replaced. Credit: Mashable

Since Spicer's phone number was listed right there, we called it. The first time it went straight to voicemail where Spicer identifies himself and ties himself to a GOP email address. It's clearly his voice.

Later we sent him a text asking to confirm that it is indeed his personal phone number, and let him know how we found it. Spicer has yet to return the phone call or text messages.

When we Googled the phone number, it popped up in a Wikileaks DNC email dump where Spicer, then chief strategist and communications director for the Republican National Committee, was asking Luis Miranda, communications director for the Democratic National Committee to hold the next debate "somewhere warm and fun." At the bottom of the email, Spicer had his phone number listed.

This means Spicer had his phone number leaked in the DNC email dump, which appeared on Wikileaks and he didn't change it. After it was on Wikileaks.

We searched the address listed on the WHOIS page to confirm that it was indeed Spicer's home address, at least at one time. The same address shows up with Sean's name listed on a Federal Election Commission donations list for the Americans for Murray Committee. Spicer donated $315 to the campaign.

We plugged the Yahoo email address listed on the account into HaveIBeenPwned, a website that shows if your email address has been compromised in a data breach. Spicer's data? Breached three times: A Dropbox breach in 2012, LinkedIn hack from 2012, and a Myspace breach in 2008. And yes: 'looks like Sean Spicer had a Myspace account, or at least, signed up for one using his Yahoo email address.

Original image has been replaced. Credit: Mashable

As we stated earlier, Spicer's website has been completely wiped from the internet, so someone at the White House, in government, or Spicer himself realized that it wasn't a good idea for the Press Secretary to have his old WordPress blog out there on the internet. Unfortunately, they didn't do a very good job of wiping the whole thing.

Original image has been replaced. Credit: Mashable

Attempting to view the Archive.org version of the site directs users to a robots.txt file, which someone uploaded to Spicer's site on Friday. This effectively blocks the WayBack Machine from accessing your website.

UPDATE: Feb. 7, 2017, 3:01 p.m. EST Using Google Cache you can still see Spicer's old website. The internet never forgets.

Original image has been replaced. Credit: Mashable

That said, it's not the first time Spicer's public data has embarrassed him on the internet. In fact, just this week, it was revealed that he had a public Venmo account, prompting hundreds of people to troll him on the financial app by asking him for money.

This Tweet is currently unavailable. It might be loading or has been removed.

Spicer also sent out a cryptic tweet in January that many speculated was his password. The tweet even got a shoutout during an SNLskit this past weekend where Melissa McCarthy played an angry Spicer during a White House press conference.

While most of this data in Spicer's WHOIS record was already available if someone really wanted to pry hard enough, it does show that the current administration can be clueless when it comes to cybersecurity, themselves—a huge embarrassment, considering how much of a Trump talking point Hillary Clinton's emails were during the election.

---

Featured Video For You

---

Sean Spicer just cannot get the Prime Minister of Australia's name right

---

Topics Cybersecurity Privacy