Hacker gets into Epstein’s personal email after password ‘exposed’ in files

A recent release of Jeffrey Epstein’s legal files by the U.S. Department of Justice has unintentionally exposed active login credentials for some of his online accounts — including his personal email — sparking a wave of unauthorized access attempts online.

The sprawling data dump, part of a court-mandated transparency effort that includes millions of pages of documents, contained a number of plaintext passwords tied to services such as Outlook, Yahoo, Apple ID and others.

Almost immediately after the files became public late Wednesday, users on the social news site Reddit began experimenting with the exposed credentials. One widely shared password — “#1Island” — reportedly gave multiple people access to Epstein’s Outlook inbox, which at first held only a couple of old messages. Within hours, visitors claimed to have filled the inbox with spam messages, memes and new account registrations, and changed the profile picture.

Other unique passwords found in the released records — like “Jenjen12” and “jeevacation12” — appeared linked to accounts across multiple platforms. Security researchers say the apparent reuse of the same login across several linked accounts illustrates poor password practices in the files.

Some people also reported success using variations on passwords such as “ghislaine,” though many accounts remain protected by two-factor verification, limiting unauthorized entry.

The incident has raised serious concerns about how the DOJ reviewed and redacted sensitive digital information in the Epstein material, especially given that many of the exposed passwords remain valid years after they were created.

One email sent his LinkedIn login details (Picture: DOJ)

One file included a password hint of ‘#1Island’ (Picture: DOJ)

Another included his login information for porn sites (Picture: DOJ)