Last week, Twitter sent a mass email to journalists. “There have been several recent incidents of high-profile news and media Twitter handles being compromised,” it said. “We believe that these attacks will continue.”
And so they have: The Onion’s Twitter account has been hacked, and its hackers are playing with the audience:
The Onion being The Onion, it took a while to figure out if this hack was real or an ultra-arch joke. It appears to be real — the SEA has taken credit for it on another account.
What’s remarkable about this is that it will continue for the foreseeable future, and there’s little anyone can do about it. For one, Twitter does not yet offer two-factor authentication to the public (though it’s working on it). More importantly, the level of security most people and organizations maintain simply can’t stand up to this kind of attack: The hacks focus on human error, presenting employees with log-in screens that resemble those of their specific employers.
The SEA appears to be casting its net wide. Many major news organizations have been targeted already, and many more have reported suspicious activity in recent weeks. BuzzFeed was targeted with a similar approach, though it’s unclear if the attack came from the SEA.
We can expect to see this again and again — at least until Twitter gets a better security system. But perhaps after that too.
Update - May 6, 2:30 p.m., EDT: It appears as though The Onion has regained control of the account.