Hijacking Twitter: How Recent Hacking and Phishing Incidents Reveal Security and Customer Relations Gaps in Social Networking Media

Twitter users received a scare this week when the popular micro-blogging service experienced a two-pronged attack.  First, on January 3, 2009, several Twitterers became victims of a "phishing" scam, where scammers gained access to account usernames and passwords, then sent fraudulent emails to other Twitter users.  Next, several high profile accounts were hacked; their "followers" thus received updates that were offensive and slanderous.  Famous Twitterers such as President-Elect Barack Obama, Fox News' Bill O'Reilly , and pop star Britney Spears were among the victims of the January 5 prank.  For an example of a well-known Twitter user affected by the hacking, see CNN anchor Rich Sanchez's story. 

Perhaps these events demonstrate that the Twitter service has "arrived," that no successful site or program experiences zero problems.  Yet these two incidents illustrate the problematic issue of security.  Despite the number of password protection programs or encryption software that supposedly assure secure passage of information, determined hackers continually find vulnerabilities on Web sites and exploit them.  According to Wired's blog, an 18-year-old student claimed responsibility for the celebrity prank, describing the ease with which he gained access to usernames and passwords.  Using password generating software, he hacked the account of, incredibly, a Twitter support staff member who used a very basic password.  Once he had access, he managed to reset celebrity users' passwords, then posted the bogus messages.  In an even scarier development, the hacker claimed he posted affected Twitter users' account information to a Web site, offering the compromised accounts to anyone by request.

Why Users Should Care About Miley Cyrus's Hijacked Account

No harm done, right?  The celebrity incident is just a harmless prank, and the first phishing instance did not affect the majority of Twitterers.  In fact, these incidents prove how easily social networks can be infiltrated, leading to identity theft and spreading of malicious rumors.  According to the Wired article, the hacker also claimed responsibility for hijacking Hannah Montana star Miley Cyrus's YouTube account.  A friend of the hacker then posted a "memorial" video on the site, which stated that Cyrus had died tragically in an accident.  The story quickly spread to mainstream media, with Cyrus's publicist immediately issuing a statement that the teen star was indeed alive.  With today's social networking technology, such false rumors can spread at the speed of light — during the 2008 presidential campaign, Barack Obama was the subject of so much Internet gossip that his team established a site, Fight the Smears, to counter such stories. Social networks played a big part in spreading these false rumors.

Article Author: Kit O'Toole

Kit O'Toole is a lifelong music enthusiast who maintains a music blog, Listen to the Band. In addition, she is the internet columnist and a contributing editor for Beatlefan magazine. She also holds an Ed.D. in Instructional Technology.

Visit Kit O'Toole's author page — Kit O'Toole's Blog