The VICE Guide to Right Now

The Agency That Messed Up Hawaii's Nuclear Alert Keeps Passwords on Post-Its

At least they weren't using "password."
Drew Schwartz
Brooklyn, US
January 17, 2018, 8:30pm
Photo by Jennifer Sinco Kelleher / AP

Hawaii's Emergency Management Agency (HEMA) is taking some heat after an employee accidentally sent out a warning that a ballistic missile was barreling toward the state on Saturday, scaring the shit out of islanders and giving at least one poor guy a literal heart attack. But a closer look at the people tasked with responding to impending disasters shows that they treat their password protection the same way your forgetful parent might.

As Business Insider points out, a few press photos from the HEMA headquarters reveal that the agency has been keeping some of its passwords scrawled out on Post-it notes, pasted to various computer monitors. Some savvy Twitter users were even able to zoom in on one photo enough to make out the word: "warningpoint2."

A HEMA spokesperson said that "warningpoint2" wouldn't get anyone access to the warnings that are sent out to people's phones, but was used for some kind of "internal application." Regardless, people have speculated that Saturday's false alarm was the result of a hack, and not a HEMA employee's honest mistake. On Tuesday, Japan sent out a similar false alarm to people's phones, just days after Hawaii did, but it was deemed a "switching error."

You'd sort of hope the agency tasked with keeping Hawaiians safe in the event of a nuclear holocaust would be a little more careful about keeping its passwords a secret, as innocuous as the slipup may be. At least the guys at HEMA weren't using the old go-to "password."

Follow Drew Schwartz on Twitter.