Security News

Twitter Founder Jack Dorsey's Account Hacked, Offensive Tweets Sent

It goes to show that nobody is safe. Twitter founder and CEO Jack Dorsey has had his official Twitter account, @Jack (4.2 million followers) hacked. It was short-lived - the account was 'regained' within 30 minutes - but in that time the group behind the attack used Dorsey's account to tweet offensive content, including racial slurs and anti-Semitic tweets.

All tweets and retweets were removed, but it caused major embarrassment, especially because the process by which the hackers accessed Dorsey's account was a relatively simple one. They obtained Dorsey's phone number courtesy of what Twitter called a "security oversight" by a service provider. Once they had the number, the hackers were able to get the provider to assign it to a phone they owned (a process called SIM hacking). The hackers were then free to use the text-to-tweet service - users add a mobile number to their Twitter account, allowing them to tweet by sending a text message to a code number - to publish tweets on Dorsey's account.

Several tweets were tagged #ChucklingSquad, a group that had spent the two weeks leading up to the Dorsey 'incident' hacking well-known YouTube accounts, including those of James Charles, Etika, Shane Dawson, Amanda Cerny and King Bach.

This isn't the first time Dorsey's account has been hacked. In 2016, OurMine took over @Jack and sent a message referring to 'testing your security', as well as linking to a video on their website (OurMine also hacked Mark Zuckerberg and Sundar Pichai).

. . .

If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.

Get weekly security news and vulnerability alerts

Join 916 others receiving a free weekly report with a round-up of vulnerabilities and security news customised to your software stack. See an example email

Example email for SecAlerts

Earlier: