Twitter's founder and CEO Jack Dorsey had his account hacked.
In what appeared to be a coordinated effort between several accounts, including at least one account that appeared to have been created just for hacking Dorsey's account, the hackers managed to send several tweets with @jack's verified account, many of them containing racist epithets, threats, and extortion demands.
It was reported that a group calling itself 'Chuckle Squad' was responsible for the hack.
The hackers managed to use Cloudhopper, a company acquired by Twitter to help it with its SMS service.
Dorsey's hacked account was tweeting for at least 30 minutes. And roughly an hour and a half after the hack, Twitter removed the offending tweets, and said that "the account is now secure, and there is no indication that Twitter’s systems have been compromised."
The account is now secure, and there is no indication that Twitter's systems have been compromised.
— Twitter Comms (@TwitterComms) August 30, 2019
Twitter blamed the mistake to Dorsey’s mobile carrier, saying that "the phone number associated with the account was compromised due to security oversight by the mobile provider," which apparently allowed the hackers to send the tweets using text messages.
Dorsey's Twitter account has also been hacked in the past.
In 2016 for example, the security firm OurMine hacked @jack to send out a message about “testing your security.” The tweet also had a video and a link to OurMine’s website.
As for Chuckle Squad, the hacking group is also said to have hacked a number of YouTube celebrities account a week prior on Twitter. This include beauty vlogger James Charles, Shane Dawson, and comedian King Bach.
The hackers also allegedly gained access to the late Desmond “Etika” Amofah’s Gmail account, as seen by screenshots collected in their Discord server.
At the time, many of the people who were hacked suggested that their accounts were breached following a SIM card swap conducted by AT&T employees.
"We are working with law enforcement, have restored the customers’ service, and discussed ways to secure the account," said an AT&T spokesperson to The Verge after the series of Chuckle Squad attacks.