Twitter CEO Jack Dorsey had his account hacked today, with the attackers posting a series of racist and anti-Semitic statements. Calling themselves the “Chuckling Squad,” the hackers tweeted the n-word and Nazi propaganda, as well as a bomb threat directed at Twitter’s headquarters, over the course of about 20 minutes.
In the past week, the hacking collective also appears to have targeted YouTubers Shane Dawson and James Charles, among others. This time, Chuckling Squad also set up a Discord channel to document and share their misdeeds. The channel was quickly shut down.
Within an hour, Twitter removed the offending tweets and suspended accounts associated with the hackers. The company also said its own systems had not been breached.
Instead, it appears the hack originated from Cloudhopper, an app that facilitates SMS-based tweets, according to James O’Malley, a freelance journalist. Twitter acquired Cloudhopper in 2010.
Dorsey might have been more vulnerable to getting hacked because of his preference for using his iPhone to work. An ex-Twitter employee told BuzzFeed Dorsey previously declined overtures to use a more secure laptop because he doesn’t like carrying items while walking.
Today’s events reflect the vulnerability of social media accounts, which can be susceptible to SIM-swapping and other attacks. They also illustrate how hackers can weaponize Twitter—or potentially, third-party affiliates—to wreak havoc.