WASHINGTON (AP) -- An anonymous hacker claims to have breached CIA Director John Brennan's personal email account and has posted documents online, including a list of email addresses purportedly from Brennan's contact file.
The CIA said it referred the matter to the proper authorities, but would not comment further.
The hacker spoke to the New York Post, which described him in an article published Sunday as "a stoner high school student," motivated by his opposition to U.S. foreign policy and support for Palestinians. His Twitter account, @phphax, includes links to files that he says are Brennan's contact list, a log of phone calls by then-CIA deputy director Avril Haines, and other documents.
The Post said he didn't reveal his name or where he lived.
The hacker also claimed to have breached a Comcast account belonging to Homeland Security Secretary Jeh Johnson, and released what appeared to be personal information.
One document purporting to come from Brennan's AOL email account contains a spreadsheet of people, including senior intelligence officials, along with their Social Security numbers, although the hacker redacted the numbers in the version he posted on Twitter. It's unclear why Brennan would have stored such a document in his private email account. Based on the titles, the document appears to date from 2009 or before.
Spread the Word
One document purporting to come from Brennan's AOL email account contains a spreadsheet of people, including senior intelligence officials...
When people visit the White House and other secure facilities, they are required to supply their Social Security numbers. Brennan could have been forwarding a list of invitees to the White House when he was President Barack Obama's counter terrorism adviser, the job he held before he became CIA director in 2013.
Security experts advise people not to email Social Security numbers, and some companies have software that automatically blocks an email if it detects characters in the format of a Social Security number.
The hacker told the Post he had obtained a 47-page version of Brennan's application for a security clearance, known as an SF86. That document -- millions of which were stolen from the federal personnel office last year by hackers linked to China -- contains detailed information about past jobs, foreign contacts, finances and other sensitive personal details.
No such document appears to be posted on the hacker's Twitter account, but it's not clear whether the hacker posted it elsewhere.
See large data breaches from the past five years:
Notable Data Breaches
Hacker claims to have breached CIA director's personal email
LONDON, ENGLAND - AUGUST 19: A detail of the Ashley Madison website on August 19, 2015 in London, England. Hackers who stole customer information from the cheating site AshleyMadison.com dumped 9.7 gigabytes of data to the dark web on Tuesday fulfilling a threat to release sensitive information including account details, log-ins and credit card details, if Avid Life Media, the owner of the website didn't take Ashley Madison.com offline permanently. (Photo by Carl Court/Getty Images)
The Homeland Security Department headquarters in northwest Washington, Friday, June 5, 2015. China-based hackers are suspected once again of breaking into U.S. government computer networks, and the entire federal workforce could be at risk this time. The Department of Homeland Security said in a statement that data from the Office of Personnel Management _ the human resources department for the federal government _ and the Interior Department had been compromised. (AP Photo/Susan Walsh)
FILE - In this Feb. 5, 2015 file photo, the Anthem logo hangs at the health insurer's corporate headquarters in Indianapolis. Insurers aren't required to encrypt consumers' data under a 1990s federal law that remains the foundation for health care privacy in the Internet age _ a striking omission in light of the cyberattack against Anthem, the nation's second-largest health insurer. (AP Photo/Michael Conroy, File)
Sony Pictures Entertainment headquarters in Culver City, Calif. on Tuesday, Dec. 2, 2014. The FBI has confirmed it is investigating a recent hacking attack at Sony Pictures Entertainment, which caused major internal computer problems at the film studio last week. (AP Photo/Nick Ut)
FILE - In this file photo made Oct. 6, 2009, employee John Abou Nasr pushes shopping carts in the parking lot of a Home Depot in Methuen, Mass. Home Depot's data breach could wind up being among the largest ever for a retailer, but that may not matter to its millions of customers. (AP Photo/Elise Amendola, File)
Shoppers arrive at a Target store in Los Angeles on Thursday, Dec. 19, 2013. Target says that about 40 million credit and debit card accounts may have been affected by a data breach that occurred just as the holiday shopping season shifted into high gear. (AP Photo/Damian Dovarganes)
Graphic shows details of recent notable data breaches by organization; 3c x 7 inches; 146 mm x 177 mm;