The Associated Press’ Twitter accounts @ap and @AP_mobile were hacked this past week. The hackers posted to the @ap account a fake tweet on April 23 claiming the White House was attacked and President Obama was hurt.
“Breaking: Two Explosions in the White House and Barack Obama is injured,” the tweet reads, according to GigaOm’s screenshot (above).
On the account @AP_mobile, the hackers posted “Syrian Electronic Army was Here,” Tech Crunch reported. That group has claimed responsibility for hacking other news sites’ social media accounts, as iMediaEthics has written. We went to Syrian Electronic Army’s Twitter account April 26 to see if the group tweeted about the AP hack, but the account was suspended.
This hack was particularly newsworthy because it affected the U.S. stock market and because it was less than two weeks after the very real Boston Marathon bombing and manhunt for the suspects in the bombings. As the New York Post explained, because of the tweet, the Dow Jones temporarily dropped “146 points in about three minutes, erasing some $42 billion.”
In a statement on the Associated Press website, the AP’s Paul Colford noted that the wire service temporarily “suspended other Twitter accounts out of a sense of caution” because of the hack. And, on other Twitter accounts, the AP let followers know its account was hacked.
The @ap Twitter account has been suspended after it was hacked. The tweet about an attack on the White House was false.
— AP CorpComm (@AP_CorpComm) April 23, 2013
The AP ended up suspending all of its Twitter accounts temporarily.
All, AP’s Twitter accounts will be suspended until we can be assured of their security. Do not respond to any news posted by these accounts.
— AP Politics (@AP_Politics) April 23, 2013
Later, after the AP got back on the account, it tweeted
The AP Twitter account was suspended for about 20 hours, GigaOm reported.
The Associated Press also reported on the hack in a news story explaining that the hackers got into the account by phishing. “The attack on AP’s Twitter account and the AP Mobile Twitter account was preceded by phishing attempts on AP’s corporate network,” the AP reported.
Jim Romenesko published an email from the AP’s Information Security learning about the phishing email a little before the hack happened. He also posted an email he said was the phishing email, which re-directs to a Washington Post article.
According to the AP, the FBI is looking into the hack.
iMediaEthics wrote to the AP to ask what precautionary measures the wire service is taking in the future and for confirmation of the authenticity of the emails published on Romenesko’s website but spokesperson Paul Colford directed us to the AP’s statement about the hack.
Could Twitter Add an Extra Step ?
According to Bloomberg, an anonymous source suggested Twitter is considering adding a two-step approval practice, which could potentially better secure Twitter accounts. Under that, tweeters would have to log in not just with a regular user name and password, but also with an extra code, which could be sent to a different device or email.
But, even if the Associated Press had been using a “two-factor authentication” on its tweets, the hack still probably would have happened because the account that was compromised had more than one person tweeting from it, PC Magazine reported. As PC Magazine explained:
“AP, much like many other organizations, probably had multiple employees posting to @AP throughout the day. What would happen anytime someone tries to post to Twitter? Every login attempt requires the person who has the registered device, whether it’s a smartphone or a hardware token, to provide the second-factor code. Depending on the mechanism in place, this could be every day, every few days, or whenever a new device is being added.”
Further, the AP would most likely not be able to tweet efficiently. PC Magazine quoted “online identity company‘s OneID’s Jim Fentonas as explaining the two-step tweets would be a “pretty significant roadblock to productivity.”