Following on the heels of “Weinergate,” where then-House Representative Anthony Wiener claimed his Twitter account was hacked, it appears we have an actual case where a member of Congress has had their Twitter account tampered with.
TweetCongress founder Chris McCroskey received a call last night from the office of Bill Johnson, a freshman Representative from Ohio, to inform him of the breach. As being reported by Politico and The Hill, the @RepBillJohnson account was compromised in some way for a brief period the evening of July 13. The intruder replaced the congressman’s account photo with a graphic image, Retweeted @GOPWhip and sent two brief tweets (click here to see a screen shot captured by @vincetornero Note that image is NSFW).
The offending image and tweets were evidently removed within minutes by Rep. Johnson’s staff, and unlike the @RepWeiner incident, the @RepBillJohnson team is asking for assistance to get to the bottom of the breach. As reported by The Hill:
“Late Wednesday night, we learned that Congressman Johnson’s official Twitter account had been compromised by an unauthorized user. We took immediate steps to delete two unauthorized tweets and an in appropriate [sic] photograph. We are currently working with U.S. Capitol Police, House Information Security and Twitter to resolve this matter,” Johnson communications director Jessica Towhey said in a statement.
It will be interesting to see what comes of any investigation into the incident. Was the account truly “hacked” which means that Twitter has some security holes to plug? Or was the account ID obtained some other way via social engineering or phishing scheme?
TweetCongress founder Chris McCroskey today revealed that his analysis of the account take-over does indeed appear to be a hack, but not necessarily one specifically targeting @RepBillJohnson’s account. Based on the data cached by TweetCongress and the types of information tweeted out when the congressman’s account was hijacked, McCroskey surmises that @RepBillJohnson simply was a victim of a Twitter spammer using software to infiltrate Twitter accounts via password cracking or phishing activities. McCroskey has been contacted by the U.S. Capitol Police and is providing information to assist their investigation.
Perhaps its a good time to review Twitter’s help section on what to do when your account appears compromised: