The U.S. Department of Homeland Security's own security has been shown to be about as effective as a drunk bouncer who is sleeping off a keg of ale outside the wrong nightclub.

In 2003 the Orwellian department warned about a vulnerability on a PBX which was easily resolved if administrators tweaked their settings.

Homeland Security's Federal Emergency Management Agency did not seem to get the memo, and a hacker broke in over the weekend and racked up about $12,000 in calls to the Middle East and Asia. It looks like FEMA forgot to change the default passwords.

Calls were made to Afghanistan, Saudi Arabia, India and Yemen. Most of the calls were about three minutes long, but some were as long as 10 minutes. FEMA didn't realize until the calls were spotted by the telco.

More here.