31 August 2019
San Francisco: Hackers on Saturday broke into Twitter Chief Executive Officer (CEO) Jack Dorsey's account and posted a flurry of rogue tweets, including racial slurs.
The micro-blogging platform later said that it secured Dorsey's account which became victim of 'SIM swapping' or 'SIM jacking' where a mobile number is transferred to a new SIM card.
By taking control of Dorsey's number, hackers posted tweets via text messages on his Twitter account.
A hacker group called 'Chuckling Squad' claimed that it was behind the cyber attack on Dorsey's Twitter account which has over 4 million followers.
"The phone number associated with the account was compromised due to a security oversight by the mobile provider," Twitter said in a statement.
"This allowed an unauthorised person to compose and send tweets via text messages from the phone number," the company added.
According to TechCrunch, one of the tweets posted a Twitter handle of someone who purported to take credit for the account takeover. That account was immediately suspended.
"We're aware that @jack was compromised and we are investigating what happened," said Twitter.
The tweets appear to have come via Cloudhopper, a company that Twitter previously acquired to help with its SMS service, reports The Verge.
The hacker appears to be from the same group that attacked YouTube celebrities last week on Twitter, including beauty vlogger James Charles, Shane Dawson, and comedian King Bach.
In 2016, the security firm OurMine hacked Dorsey's handle to send out a message about "testing your security."
OurMine also hacked the accounts of Facebook CEO Mark Zuckerberg and Google's Sundar Pichai.
The accounts of Zuckerberg on both Twitter and Pinterest were compromised.
The hacker group 'OurMine' claimed that it was possible due to the LinkedIn password dump. Millions of LinkedIn user account details were leaked online in 2016.