Twitter CEO Jack Dorsey’s Twitter handle (@jack) was hacked and the account remained compromised for 20 minutes. The hacker group that hacked Jack’s account posted a series of racial slurs including the ‘N-word’ and tweets praising Hitler.
Apparently, more than a dozen tweets that were outright demeaning and offensive were posted in a span of 20 minutes. With more than 4.21 million followers, the account was soon suspended by Twitter and an investigation has been initiated.
We're aware that @jack was compromised and investigating what happened.
— Twitter Comms (@TwitterComms) August 30, 2019
A couple of tweets were posted with the #ChucklingHella — the purported group behind the attack.
The hackers behind the attack also posted a link to Discord’s messaging board. The last message on the Discord’s chat service asked users about which account should the hackers hack next. The Discord server was soon taken down.
It was found that the tweets were sent via Cloudhopper – a Twitter-owned tool that provides the feature of posting tweets via SMS.
This indicates that the hackers managed to compromise Jack’s account by spoofing his phone number linked with Cloudhopper instead of gaining access to his Twitter account’s password. The same was confirmed by Twitter later.
The phone number associated with the account was compromised due to a security oversight by the mobile provider. This allowed an unauthorized person to compose and send tweets via text message from the phone number. That issue is now resolved.
— Twitter Comms (@TwitterComms) August 31, 2019
Hackers also set Jack’s messaging inbox to ‘open,’ making it possible for anybody to send messages to his account.
This is not the first time when a high-profile person got his account hacked. Same happened with Mark Zuckerberg when his Twitter account was hacked in 2016.
We can only imagine the sleepless night awaiting Twitter’s security head after the fiasco.