The account of Twitter Inc Chief Executive Jack Dorsey was hacked yesterday afternoon, sending public tweets and retweets including racial slurs and curse words to 4 million followers before Twitter secured the account.
Twitter acknowledged the hack and said it was investigating. It later tweeted that Dorsey’s account was secure and there was no indication that Twitter’s systems had been compromised.
One of the tweets claimed Nazi leader Adolf Hitler was innocent, while others contained racist comments about black people and Jews. There was also a tweet suggesting there was a bomb at Twitter’s headquarters.
The account posted a hashtag that was used during the apparent hacks of several YouTube stars last week.
The hack underscored potential vulnerabilities in the social media platform, which is widely used by world leaders and politicians, including U.S. President Donald Trump. It comes at a time when social media companies are facing scrutiny over management of their networks, privacy issues and security of user data.
The offensive tweets and retweets were deleted less than an hour after the incident. Some Twitter accounts named in the compromised tweets and retweets appeared suspended on Friday.
Screenshots of the tweets appeared to show they were sent through Cloudhopper, a mobile text messaging service that Twitter acquired in 2010.
Twitter did not immediately respond when asked to confirm if the hack took place via Cloudhopper.
Security researcher Brian Krebs said it appeared that Dorsey was the victim of a SIM swapping attack, when a mobile provider is tricked or otherwise convinced to transfer a victim’s phone number to a SIM card controlled by someone else.
The Friday incident was not the first time that Dorsey’s Twitter account has been hacked: his account was compromised in 2016 by a group that also hacked the Twitter accounts of Google CEO Sundar Pichai and Facebook CEO Mark Zuckerberg.
Twitter shares were down less than 1% in after-hours trade following the hack.