This archive report was first published on 31 August 2019.
On August 31, 2019, Twitter CEO Jack Dorsey's account was compromised, leading to the posting of a series of erratic and offensive messages.
The tweets, which included racial slurs and suggestions about a bomb, were posted around 2000 GMT and were later deleted.
Some of the tweets contained the hashtag #ChucklingSquad, which was believed to indicate the identity of the hacker group.
Twitter spokespersons confirmed that the account was compromised and were investigating the incident.
Many Twitter users questioned why Dorsey's account wasn't secured with two-factor authentication, and how disturbing it was that the service couldn't keep its own CEO safe on the platform.
British-based security consultant Graham Cluley emphasized the importance of two-factor authentication, stating that everyone should ensure they have 2FA enabled, use unique passwords, and double-check what apps they've linked to their accounts.
Cybersecurity researcher Kevin Beaumont suggested that the account was hijacked via a third-party service called Cloudhopper, which Twitter acquired about 10 years ago and had access to Dorsey's account.
Cloudhopper enables users to send tweets on their phones via SMS.
The incident raised fresh concerns about how social media users—even prominent ones—can have their accounts compromised and used for misinformation.