Within Weak Security
Why Stolen Password Files Mattered
The alleged copying of account and password files showed how one compromised machine could reveal paths into many others.
On this page
- What account files could reveal
- Offline cracking and password reuse risks
- Why hardened systems separate credentials from endpoints
Page outline Jump by section
Introduction
One of the most significant allegations in the Gary McKinnon case was not simply that military and NASA computers were accessed, but that account and password files were copied from them. In cyber-security terms, this mattered because credentials are often more valuable than individual documents. A stolen password file can reveal how a network is organised, which accounts hold administrative privileges, and how an attacker might move from one compromised machine to many others. According to court records and US indictments, McKinnon was alleged to have copied operating-system files containing account names and encrypted passwords from military and NASA systems, including hundreds of passwords associated with a US Navy network. [UK Parliament]publications.parliament.ukmckinn 1The appellant also copied data and files onto his own computers, including operating system files containing account names and encrypted…
The allegations therefore highlighted a broader security problem: once an intruder gained access to a single poorly protected computer, credential stores and account information could potentially become stepping stones deeper into sensitive networks. [Department of Justice]justice.govDepartment of JusticeLondon, England Hacker Indicted Under Computer Fraud…Gary McKinnon, of London, England, was indicted in Alexandri…
What Account Files Could Reveal
Password files are not merely lists of passwords. Even when passwords are encrypted or hashed, the surrounding account information can provide a detailed map of a network.
The House of Lords judgment summarising the US allegations stated that McKinnon copied operating-system files containing account names and encrypted passwords from 22 computers. The files reportedly included material from Army, Navy and NASA systems, with approximately 950 passwords associated with server computers at Naval Weapons Station Earle. [UK Parliament]publications.parliament.ukmckinn 1The appellant also copied data and files onto his own computers, including operating system files containing account names and encrypted…
For an intruder, such files can reveal:
- Usernames and service accounts.
- Administrative or privileged accounts.
- Naming conventions used across an organisation.
- Relationships between servers and users.
- Potential targets for further compromise.
Even without immediately recovering the underlying passwords, account names alone can be useful. They tell an attacker which identities exist and which credentials may be worth targeting. In large organisations, consistent naming conventions often make it easier to predict accounts on other systems. Modern security guidance therefore treats usernames, account databases and password hashes as sensitive information in their own right. [UK Parliament]publications.parliament.ukmckinn 1The appellant also copied data and files onto his own computers, including operating system files containing account names and encrypted…
The significance of the allegations was amplified by the claim that access to one compromised system could be used to discover additional military and NASA machines. Prosecutors alleged that once administrative access was obtained, the compromised computer became a platform for identifying further targets. [Department of Justice+2Pinsent Masons]justice.govDepartment of JusticeLondon, England Hacker Indicted Under Computer Fraud…Gary McKinnon, of London, England, was indicted in Alexandri…
Why Encrypted Passwords Still Create Risk
A common misunderstanding is that encrypted or hashed password files are harmless once separated from the systems that use them. Security professionals generally view the opposite as true.
When password hashes are copied away from the protected environment, attackers can attempt to recover passwords offline. Unlike online login attempts, offline attacks do not trigger account lockouts and can often be conducted repeatedly without alerting administrators.
The House of Lords judgment specifically refers to copied files containing encrypted passwords rather than plain-text passwords. Nevertheless, those files were considered important evidence because encrypted credential databases can still enable further compromise if passwords are weak, reused or poorly protected. [UK Parliament]publications.parliament.ukmckinn 1The appellant also copied data and files onto his own computers, including operating system files containing account names and encrypted…
The danger increases when users reuse passwords across multiple systems. If one recovered password unlocks an administrator account, email account or remote-access service elsewhere, the compromise can spread far beyond the original machine. This is one reason modern cyber-security practice emphasises unique credentials, password managers and multi-factor authentication.
The McKinnon allegations therefore drew attention to a wider issue than the security of any single computer. The concern was whether credentials harvested from one location could unlock many others. [Department of Justice]justice.govDepartment of JusticeLondon, England Hacker Indicted Under Computer Fraud…Gary McKinnon, of London, England, was indicted in Alexandri…
The Naval Weapons Station Earle Example
The most frequently cited credential-related allegation involved Naval Weapons Station Earle in New Jersey.
US prosecutors alleged that McKinnon installed remote-access software on computers within the network and subsequently obtained approximately 950 passwords stored on connected servers. According to the indictment, those credentials were later used in further access to the network. [Department of Justice]justice.govDepartment of Justice British National Charged with Hacking Into N.JNaval…… 950 passwords stored on server computers connected to the NWS Earle network. In addition, the Indictment charges that on Sep…
Whether viewed through the indictment or later court summaries, the number itself attracted attention because it illustrated the scale of credential exposure. The issue was not merely one password belonging to one user. The allegation suggested access to a large collection of credentials associated with a military installation responsible for supplying and supporting the Atlantic Fleet. [Department of Justice]justice.govDepartment of Justice British National Charged with Hacking Into N.JNaval…… 950 passwords stored on server computers connected to the NWS Earle network. In addition, the Indictment charges that on Sep…
From a defensive perspective, large password collections create a multiplier effect. A single breach can expose many accounts simultaneously, making incident response far more difficult. Administrators may need to determine which credentials were compromised, reset accounts, investigate privilege levels and assess whether access spread to additional systems.
Why Hardened Systems Separate Credentials from Endpoints
The allegations in the McKinnon case illustrate why modern network design tries to prevent one compromised endpoint from exposing wider credential stores.
A hardened environment typically seeks to ensure that:
- Administrative credentials are not routinely stored on ordinary workstations.
- Password databases are protected by additional controls.
- Privileged accounts are separated from day-to-day user accounts.
- Compromise of one machine does not automatically reveal credentials for others.
- Multi-factor authentication reduces the value of stolen passwords.
The security lesson is not that password files should never exist; operating systems require them. Rather, the lesson is that credential repositories should be difficult to reach, difficult to copy and difficult to reuse if stolen.
Court records and indictments in the McKinnon case repeatedly linked the copied account files to broader allegations of movement across military and NASA networks. That connection is what made the password-file allegations noteworthy. The files were valuable not because they contained secret UFO information, but because credentials can function as keys. Once enough keys are exposed, the security of an entire network may depend on how effectively access controls, segmentation and credential management limit the damage. [UK Parliament+2Department of Justice]publications.parliament.ukmckinn 1The appellant also copied data and files onto his own computers, including operating system files containing account names and encrypted…
Amazon book picks
Further Reading
Books and field guides related to Why Stolen Password Files Mattered. Use these as the next step if you want deeper reading beyond the article.
The Art of Deception
Explains how credentials and access can be leveraged across systems.
The Cuckoo's Egg
Rating: 4.5/5 from 8 Google Books ratings
Illustrates how weak security can enable major intrusions.
eBay marketplace picks
Marketplace Samples
Example marketplace items related to this page. Use the search link to explore similar finds on eBay.
Endnotes
-
Source: publications.parliament.uk
Title: mckinn 1
Link: https://publications.parliament.uk/pa/ld200708/ldjudgmt/jd080730/mckinn-1.htmSource snippet
The appellant also copied data and files onto his own computers, including operating system files containing account names and encrypted...
-
Source: justice.gov
Link: https://www.justice.gov/archive/criminal/cybercrime/press-releases/2002/mckinnonIndict.htmSource snippet
Department of JusticeLondon, England Hacker Indicted Under Computer Fraud...Gary McKinnon, of London, England, was indicted in Alexandri...
-
Source: justice.gov
Title: Department of Justice British National Charged with Hacking Into N.J
Link: https://www.justice.gov/archive/criminal/cybercrime/press-releases/2002/mckinnonIndict2.htmSource snippet
Naval...... 950 passwords stored on server computers connected to the NWS [Earle network]({{ 'earle-network/' | relative_url }}). In addition, the Indictment charges that on Sep...
-
Source: pinsentmasons.com
Title: alleged uk hacker will fight extradition to us
Link: https://www.pinsentmasons.com/out-law/news/alleged-uk-hacker-will-fight-extradition-to-usSource snippet
14 Nov 2002 — US prosecutors on Tuesday indicted Gary McKinnon, 36, of Hornsey, north London, for allegedly hacking into the computer sys...
-
Source: Wikipedia
Title: Gary [Mc Kinnon]({{ ‘mc-kinnon/’ | relative_url }})
Link: https://en.wikipedia.org/wiki/Gary_McKinnonSource snippet
Gary McKinnonMcKinnon was also accused of copying data, account files and passwords onto his own computer. US authorities stated that...
Additional References
-
Source: sundaytimes.lk
Link: https://www.sundaytimes.lk/101017/Education/ed01.htmlSource snippet
'Superhacker' faces extraditionGary McKinnon, 39, of north London faces extradition over claims he gained illegal access and made alterat...
-
Source: malicious.life
Link: https://malicious.life/episode/us_vs_gary_mckinnon/Source snippet
The US vs. Gary McKinnonHe stole around 950 passwords, trashed around 1,300 user accounts. He deleted files at a naval weapons station, a...
-
Source: vlex.co.uk
Link: https://vlex.co.uk/vid/mckinnon-v-united-states-793612009Source snippet
McKinnon v United States of America... 950 passwords from server computers at Naval Weapons Station Earle [charges 9 to 10]. (3) 6 files...
-
Source: mg.co.za
Title: 2008 07 30 uk computer hacker loses appeal over us extradition
Link: https://mg.co.za/news/south-africa/2008-07-30-uk-computer-hacker-loses-appeal-over-us-extradition/Source snippet
UK computer hacker loses appeal over US extradition30 Jul 2008 — The US authorities allege he stole 950 passwords and deleted files at th...
-
Source: instagram.com
Title: Gary Mc Kinnon, a British hacker, accessed multiple U.S
Link: https://www.instagram.com/reel/DTveyiaANbn/Source snippet
Gary McKinnon, a Scottish hacker, gained unauthorised access to dozens of U.S. military and NASA systems between February 2001 and March...
Published: February 2001
-
Source: redhotcyber.com
Title: famous hackers the story of gary mckinnon
Link: https://www.redhotcyber.com/en/post/famous-hackers-the-story-of-gary-mckinnon/Source snippet
Famous Hackers: The Story of Gary McKinnon.1 Jul 2025 — Gary McKinnon, single-handedly scanned thousands of US government machines and di...
-
Source: scworld.com
Title: bring the hacker here
Link: https://www.scworld.com/news/bring-the-hacker-hereSource snippet
news28 Aug 2008 — The indictment goes on to say that once inside a network, McKinnon would use the hacked computers to find additional mi...
-
Source: theguardian.com
Link: https://www.theguardian.com/world/2005/jun/08/usa.ukSource snippet
'Military computer hacker' faces extradition to US8 Jun 2005 — It was alleged he also "deleted critical system files" on the computer, co...
-
Source: youtube.com
Title: The Man Who Hacked the U.S. Government
Link: https://www.youtube.com/watch?v=ND0zQX1rGdgSource snippet
UK hacker to learn extradition fate...
-
Source: youtube.com
Title: UK hacker to learn extradition fate
Link: https://www.youtube.com/watch?v=LEvGU1b4yswSource snippet
UK Hacker extradition to US blocked...
Topic Tree