Security

How activist DeRay Mckesson’s Twitter account was hacked

Comment

Image Credits: TechCrunch / Matthew Lynley

Even though several huge data breaches have recently exposed hundreds of millions of social media login credentials online, users aren’t re-setting their passwords — which means you’ll probably continue to see celebrities’ social media accounts getting hijacked.
FullSizeRender (1)

Racial justice activist DeRay Mckesson became the most recent example of a high-profile account breach this morning, when his Twitter account suddenly began tweeting endorsements for Donald Trump. Mckesson’s loyal Twitter followers noticed that the endorsement and a follow-up tweet declaring, “I’m not actually black,” were out-of-character.

Mckesson said two of his email addresses were also breached.

After regaining control of his Twitter account, Mckesson explained that the hacker or hackers were able to take over by convincing Verizon to reset his SIM. With the SIM reset, the person responsible was able to receive text messages intended for Mckesson and therefore bypass the two-factor authentication the activist used to keep his account secure.

“Verizon takes the security and privacy of our customers very seriously. We are aware of Mr. McKesson’s claims and Verizon security teams are investigating,” Verizon told TechCrunch.

Mckesson also clarified his stance on presumptive Republican nominee Donald Trump:

Passwords for tens of millions of Twitter accounts appeared online for sale this week, following the hacks of accounts belonging to Katy Perry, Ev Williams, Mark Zuckerberg, Drake and others. Although it’s possible that some of their passwords were included in the auctioned database, it’s more likely that their accounts were compromised because they reused passwords from other breached websites like LinkedIn, Myspace and Tumblr.

That was the case for Forbes journalist Matt Drange, who broke the story of Peter Thiel’s financial contribution to Hulk Hogan’s lawsuit against Gawker. On Thursday, Drange woke up to find his account had been taken over by a porn bot that was tweeting #hottie and #bigcocks instead of Thiel scoops.

Drange said he was alerted to the hack by text messages from friends. “Sure enough, it was just boobs and hashtags,” Drange told TechCrunch. Drange’s account was breached because he’d reused a password from a breached website — his Twitter credentials were not exposed in the recent data dump.

Unlike Mckesson, Drange didn’t have two-factor authentication set up for his account, mistakenly believing that it was set up when he provided his phone number upon registering his Twitter account. He said he’s since added that protection to his account.

Two-factor authentication works by sending a temporary pincode to a trusted device during login, so a user needs both his password and the pincode to access his account. Twitter and other social media platforms recommend two-factor as a way to keep your accounts from being breached, although the hack of Mckesson’s account proves the method isn’t foolproof.

Verizon is the parent company of AOL, which owns TechCrunch.

More TechCrunch

OpenAI is removing one of the voices used by ChatGPT after users found that it sounded similar to Scarlett Johansson, the company announced on Monday. The voice, called Sky, is…

OpenAI is removing ChatGPT’s AI voice that sounds like Scarlett Johansson

Copilot, Microsoft’s brand of generative AI, will soon be far more deeply integrated into the Windows 11 experience.

Microsoft Build 2024: All the AI and hardware products Microsoft announced

Hello and welcome back to TechCrunch Space. For those who haven’t heard, the first crewed launch of Boeing’s Starliner capsule has been pushed back yet again to no earlier than…

TechCrunch Space: Star(side)liner

When I attended Automate in Chicago a few weeks back, multiple people thanked me for TechCrunch’s semi-regular robotics job report. It’s always edifying to get that feedback in person. While…

These 81 robotics companies are hiring

The top vehicle safety regulator in the U.S. has launched a formal probe into an April crash involving the all-electric VinFast VF8 SUV that claimed the lives of a family…

VinFast crash that killed family of four now under federal investigation

When putting a video portal in a public park in the middle of New York City, some inappropriate behavior will likely occur. The Portal, the vision of Lithuanian artist and…

NYC-Dublin real-time video portal reopens with some fixes to prevent inappropriate behavior

Longtime New York-based seed investor, Contour Venture Partners, is making progress on its latest flagship fund after lowering its target. The firm closed on $42 million, raised from 64 backers,…

Contour Venture Partners, an early investor in Datadog and Movable Ink, lowers the target for its fifth fund

Meta’s Oversight Board has now extended its scope to include the company’s newest platform, Instagram Threads, and has begun hearing cases from Threads.

Meta’s Oversight Board takes its first Threads case

The company says it’s refocusing and prioritizing fewer initiatives that will have the biggest impact on customers and add value to the business.

SeekOut, a recruiting startup last valued at $1.2 billion, lays off 30% of its workforce

The U.K.’s self-proclaimed “world-leading” regulations for self-driving cars are now official, after the Automated Vehicles (AV) Act received royal assent — the final rubber stamp any legislation must go through…

UK’s autonomous vehicle legislation becomes law, paving the way for first driverless cars by 2026

ChatGPT, OpenAI’s text-generating AI chatbot, has taken the world by storm. What started as a tool to hyper-charge productivity through writing essays and code with short text prompts has evolved…

ChatGPT: Everything you need to know about the AI-powered chatbot

SoLo Funds CEO Travis Holoway: “Regulators seem driven by press releases when they should be motivated by true consumer protection and empowering equitable solutions.”

Fintech lender SoLo Funds is being sued again by the government over its lending practices

Hard tech startups generate a lot of buzz, but there’s a growing cohort of companies building digital tools squarely focused on making hard tech development faster, more efficient and —…

Rollup wants to be the hardware engineer’s workhorse

TechCrunch Disrupt 2024 is not just about groundbreaking innovations, insightful panels, and visionary speakers — it’s also about listening to YOU, the audience, and what you feel is top of…

Disrupt Audience Choice vote closes Friday

Google says the new SDK would help Google expand on its core mission of connecting the right audience to the right content at the right time.

Google is launching a new Android feature to drive users back into their installed apps

Jolla has taken the official wraps off the first version of its personal server-based AI assistant in the making. The reborn startup is building a privacy-focused AI device — aka…

Jolla debuts privacy-focused AI hardware

The ChatGPT mobile app’s net revenue first jumped 22% on the day of the GPT-4o launch and continued to grow in the following days.

ChatGPT’s mobile app revenue saw its biggest spike yet following GPT-4o launch

Dating app maker Bumble has acquired Geneva, an online platform built around forming real-world groups and clubs. The company said that the deal is designed to help it expand its…

Bumble buys community building app Geneva to expand further into friendships

CyberArk — one of the army of larger security companies founded out of Israel — is acquiring Venafi, a specialist in machine identity, for $1.54 billion. 

CyberArk snaps up Venafi for $1.54B to ramp up in machine-to-machine security

Founder-market fit is one of the most crucial factors in a startup’s success, and operators (someone involved in the day-to-day operations of a startup) turned founders have an almost unfair advantage…

OpenseedVC, which backs operators in Africa and Europe starting their companies, reaches first close of $10M fund

A Singapore High Court has effectively approved Pine Labs’ request to shift its operations to India.

Pine Labs gets Singapore court approval to shift base to India

The AI Safety Institute, a U.K. body that aims to assess and address risks in AI platforms, has said it will open a second location in San Francisco. 

UK opens office in San Francisco to tackle AI risk

Companies are always looking for an edge, and searching for ways to encourage their employees to innovate. One way to do that is by running an internal hackathon around a…

Why companies are turning to internal hackathons

Featured Article

I’m rooting for Melinda French Gates to fix tech’s broken ‘brilliant jerk’ culture

Women in tech still face a shocking level of mistreatment at work. Melinda French Gates is one of the few working to change that.

1 day ago
I’m rooting for Melinda French Gates to fix tech’s  broken ‘brilliant jerk’ culture

Blue Origin has successfully completed its NS-25 mission, resuming crewed flights for the first time in nearly two years. The mission brought six tourist crew members to the edge of…

Blue Origin successfully launches its first crewed mission since 2022

Creative Artists Agency (CAA), one of the top entertainment and sports talent agencies, is hoping to be at the forefront of AI protection services for celebrities in Hollywood. With many…

Hollywood agency CAA aims to help stars manage their own AI likenesses

Expedia says Rathi Murthy and Sreenivas Rachamadugu, respectively its CTO and senior vice president of core services product & engineering, are no longer employed at the travel booking company. In…

Expedia says two execs dismissed after ‘violation of company policy’

Welcome back to TechCrunch’s Week in Review. This week had two major events from OpenAI and Google. OpenAI’s spring update event saw the reveal of its new model, GPT-4o, which…

OpenAI and Google lay out their competing AI visions

When Jeffrey Wang posted to X asking if anyone wanted to go in on an order of fancy-but-affordable office nap pods, he didn’t expect the post to go viral.

With AI startups booming, nap pods and Silicon Valley hustle culture are back

OpenAI’s Superalignment team, responsible for developing ways to govern and steer “superintelligent” AI systems, was promised 20% of the company’s compute resources, according to a person from that team. But…

OpenAI created a team to control ‘superintelligent’ AI — then let it wither, source says