Twitter CEO Jack Dorsey’s Twitter account was hacked Friday afternoon, with the infiltrators tweeting numerous racial slurs as well as a bomb threat. Tweets from the hackers began shortly before 1 p.m. Friday and were removed after about 20 minutes.
The hackers also retweeted a number of other offensive messages, including one stating that “Nazi Germany did nothing wrong.”
A Twitter spokesperson confirmed the incident on Twitter, promising that the company was investigating the circumstances:
Yes, Jack's account was compromised. We're working on it and investigating what happened.
— Brandon (@bborrman) August 30, 2019
The company later said that it had secured Dorsey’s account, and that it had no indications for a breach of Twitter’s systems.
The tweets in question were apparently sent with the use of Cloudhopper, a mobile messaging app that the company acquired back in 2010. Cloudhopper’s technology is now powering Twitter’s SMS functionality, and among other things allows users to tweet via SMS. This suggests that the hackers were able to hijack or spoof the phone number linked to Dorsey’s Twitter account, and then simply tweet via SMS.
This could be both good and bad news for Twitter. The good news is that the hackers likely didn’t break into Twitter’s servers. Instead, they could, for instance, have called Dorsey’s phone company and pretended to be him in order to take over his number. The bad news is that Twitter doesn’t seem to have the necessary safeguards for SMS posting.
This isn’t the first time prominent Twitter accounts have been taken over by hackers. Past victims of similar hacks include Netflix, HBO and Marvel. But while some of those hacks in the past were merely trying to highlight security vulnerabilities, the hackers in this case chose to spread racist messages.
The combination of a security incident with racist slurs represents a bit of a double whammy for Twitter. The company has long struggled to respond to the presence of extremists on its platform, with users routinely complaining that it doesn’t do enough to ban racists.
The company has been trying to answer its critics by imposing stricter content guidelines while also investing in what it calls healthy conversations — but obviously, not all of its users seem to be on board with that direction. That discrepancy was on stark display Friday before Twitter’s staff was able to clean up Dorsey’s account: