Hackers have a ball on Twitter; leave AP red faced
Hackers broke into the Associated Press's Twitter account on Tuesday, falsely reporting President Barack Obama had been injured after two blasts at the White House.world Updated: Jul 31, 2013 14:29 IST
Hackers broke into the Associated Press's Twitter account on Tuesday, falsely reporting US President Barack Obama had been injured after two blasts at the White House.
Almost immediately the wire service posted via its corporate communications feed that its @AP Twitter account had been hacked, before promptly suspending the service.
AP spokesman Paul Colford later said the wire service had disabled other Twitter accounts following the attack and was working with the micro-blogging site to investigate the breach.
White House spokesman Jay Carney told reporters the president was unharmed. "I can say that the president is fine," Carney said shortly after the fake tweet. "I was just with him."
The FBI also said it was investigating the incident.
AP's White House Correspondent Julie Pace also noted the tweet was the result of a hacked account. "It appears as though AP's Twitter account has been hacked, so anything that was just sent out about any incident at the White House is obviously false," she said.
US stock markets took a sharp plungejust as the report came out. The Dow Jones fell 143 points, from 14,697 to 14,554 and the S&P 500 too dropped 12 points. Both the indices, however, recovered pretty soon.
The official AP Twitter account, @AP, was listed as "suspended" on the social media site soon after the erroneous Tweet was sent. @AP_Mobile was suspended as well.
The @ap Twitter account has been suspended after it was hacked. The tweet about an attack on the White House was false.— AP CorpComm (@AP_CorpComm) April 23, 2013
Many twitter users pointed that the hack was obvious since the hackers broke AP's tweeting style. Further, the tweet came directly from the web when the company usually uses a social tool called "Social Flow" to send tweets.
I love all the comments about the @ap hack being obvious because it broke AP Style. Copyeditors: 1 Hackers: 0— Cyndi Waite (@DCCyndi) April 23, 2013
The news organization later reported hackers had previously made repeated attempts to steal the passwords of AP journalists. A news watchdog site, Romensko, managed to find the warning e-mail sent out to AP employees and the phishing mail that was sent right before the hack attack.
The @ap hack came less than an hour after some of us received an impressively disguised phishing email.— Mike Baker (@MikeBakerAP) April 23, 2013
A group called 'Syrian Electronic Army' later claimed responsibility for the hack. It allegedly backs the regime of Syrian President Bashar al-Assad. Their account was suspended from Twitter.
The attack on AP's account is the latest in a series of attacks by the group on US media Twitter accounts. It had hacked into the Twitter feeds of AFP and CBS News earlier in the year.
The social media accounts connected to CBS News programs "60 Minutes" and "48 Hours" were hacked on Saturday.
The posts were later deleted, with CBS News saying: "We have experienced problems on Twitter accounts of @60Minutes & @48Hours; we apologize for the inconvenience; Twitter is resolving issues."
A Twitter spokesman declined to comment on the AP breach, saying the company does not comment "on individual accounts for privacy and security reasons."
At a time when cyber security and hacking have become top security concerns in many countries, Twitter has now come under the scanner. Given its reach to millions of users, there is a high the risk of data breaches on the site.
Twitter accounts for US' National Public Radio, BBC and CBS's "60 Minutes" program are among many accounts that have been hacked recently.
The recent attack brought Twitter's cyber security issues to light, again. Many social media experts have increasingly stressed on the need for Twitter to introduce a measure called two-factor authentication to reduce such breaches. The measure, already adopted by Google and Facebook, prevents fraud by forcing users to provide two pieces of information that will verify their identity. For example, in Facebook's case, users are sent a text message with a code to enter when the user logs in from an un-authenticated device.
(With agency inputs)