Some of the highest-profile Twitter accounts, including former President Barack Obama and Tesla Inc. Chief Executive Officer Elon Musk, were subject to a breathtaking hack on Wednesday involving a Bitcoin-related scam. Twitter Inc. temporarily blocked all verified accounts from posting or even changing their passwords while it investigated and sought to resolve the issue.
The scale of the hack was unprecedented, but Twitter has had significant security problems before. Here are a few of the most prominent recent attacks.
January 2020: NFL teams hacked
Earlier this year, more than a dozen Twitter accounts for teams in the National Football League were hijacked just a week before the Super Bowl. The Green Bay Packers official account tweeted, “We are here to Show people that everything is hackable.” The posts were later claimed by the group OurMine. Twitter said the accounts were hacked through a third-party platform.
August 2019: CEO sends offensive tweets
Twitter CEO Jack Dorsey‘s account, followed by more than 4 million people, fired off a slew of vulgar and racist tweets that were taken down about 20 minutes later. The cause, according to a Twitter spokesman: “The phone number associated with the account was compromised due to a security oversight by the mobile provider.” A group calling itself Chuckling Squad took responsibility.
November 2018: Twitter support forms exploited
Twitter said it identified an issue with one of its support forms that could expose the country code of a user’s associated phone number. It received a large number of inquiries via the affected form from individual IP addresses in China and Saudi Arabia, saying they could have had ties to state-sponsored actors.
July 2016: Dorsey hacked by OurMine
It was clear something was wrong when Dorsey’s account tweeted out: “testing your security,” a hack that apparently came from OurMine. Within an hour, Twitter deleted the tweets, according to reports at the time.
June 2016: 32 million passwords for sale
Hackers appeared to have used malware to collect more than 32 million Twitter passwords, and put them up for sale on the dark web, according to TechCrunch. Twitter said that its own systems had not been breached.
January 2015: U.S. military account tweets ISIS messages
The US military’s Central Command tweeted out threatening messages and changed its header message to include the text “i love you isis.” The Washington Post said the military was treating it as an act of “cybervandalism” and responded by immediately taking its social media accounts offline.