A serving Scotland Yard officer was arrested on Wednesday by detectives investigating police corruption and payments from journalists. The officer is being questioned by the arresting team but has not been formally charged.
The 52-year-old female police officer, who has not been named, was arrested at her home in Essex under Operation Elveden, the Metropolitan Police operation investigating inappropriate payments to police for information, according to the U.K. Telegraph.
Sources said she is a member of the Metropolitan Police's specialist operations branch.
The branch has three functions including protecting the Royal Family and public officials, investigating terrorism and providing protection to major landmarks such as Houses of Parliament and airports including Heathrow.
Operation Elveden was launched after police were handed documents suggesting journalists working for News International had made illegal payments to officers.
Allegations of phone hacking and payments to police led Met Police Commissioner Sir Paul Stephenson and Assistant Commissioner John Yates to resign, and the News of the World to close down after 168 years, according to a BBC report.
Sixteen people have been arrested under Operation Weeting and one person arrested under Operation Tuleta, the police's investigation into allegations of computer hacking which is not covered by Weeting.
PC Magazine writes about how easy it is to hack phones and email according to an expert Kevin Mahaffey, co-founder and CTO of mobile security firm Lookout.
Spoofing a caller ID was—and is—pretty easy, Mahaffey added.
"There are a lot of free applications that allow you to spoof a caller ID," he said. "It's not very hard to do at all. School kids can do it."
Getting a person's personal phone number to spoof could be accomplished by finding it in publicly available documents such as student listings, or these days, on social networking sites like Facebook. A bit of social engineering with real people who know or could access the number would accomplish the same thing, Mahaffey said.
Passwords Don't Provide Invulnerability
These days, most message systems require a password, but that doesn't mean that people who don't want their voice mails hacked are invulnerable to hackers. Password strength remains crucial, Mahaffey said.
"The first big vulnerability is using a simple, bad password, like the last four digits of your phone number, or 1-2-3-4, or publicly available information like your birthday," he said. "That's going to be a problem from now until we get rid of PIN codes, which may be never."
Password retrieval mechanisms can be exploited as well. Many, if not most security protocols send forgotten passwords to a person's main email address, Mahaffey pointed out. If somebody has access to your main email account, they basically have access to every password you use out in the wild.