(Reuters) - The hack of Twitter on Wednesday that compromised the accounts of prominent people including U.S. presidential candidate Joe Biden, reality TV star Kim Kardashian and former U.S. President Barack Obama was one of the most dramatic of the social media era.
But it was hardly the first.
Following is a list of some of the most prominent attacks and security breaches to have impacted social media firms.
Twitter: The company said Wednesday’s hack came after employees with access to its internal systems were compromised by hackers who then “used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.” [L2N2EM2IW
The company’s employees have been targeted before. The U.S government said in November 2019 it had charged two former Twitter employees with spying for Saudi Arabia by accessing information on dissidents who use the platform.
According to the complaint, Twitter - which removed tens of thousands of accounts for inauthentic behaviour linked to Saudi Arabia in December - learned of the unauthorized access in late 2015.
Twitter has faced security breaches and targeted attacks on prominent Twitter users throughout its 14-year history. The account of the company’s chief executive, Jack Dorsey, was hacked in August 2019, allowing an unauthorized person to send public tweets including racial slurs and curse words.
Other Twitter accounts hacked include those of the Associated Press and the Guardian in 2013, as well as celebrities such as Taylor Swift in 2015 and Donald Trump in 2013.
A 2013 hack gave attackers access to around 250,000 Twitter users’ email addresses, usernames, and encrypted versions of their passwords.
In 2010, the firm agreed to a settlement with the U.S. Federal Trade Commission over charges it put its customers privacy at risk by failing to safeguard their personal information.
An investigation by the U.S government in 2009-2010 found that serious lapses in Twitter’s security allowed hackers to send out phoney tweets from 45 prominent accounts, including from the accounts of media outlet Fox News and then U.S president Barack Obama.
Facebook: In September 2018, Facebook said hackers had exploited software flaws to access 50 million users’ accounts.
The company scaled back the size to weeks later, saying 30 million users had their access tokens stolen, while 29 million had personal information such as gender, religion, email addresses, phone numbers and search histories taken.
Facebook previously stated in 2018 that profile details from 87 million users were improperly accessed by political data firm Cambridge Analytica, resulting in a $5 billion fine by the U.S Federal Trade Commission in 2019 on charges of failing to protect its data from third parties.
The firm has also suffered narrower breaches. In 2013, Facebook disclosed a software flaw that exposed 6 million users’ phone numbers and email addresses to unauthorized viewers for a year, while a technical glitch in 2008 revealed confidential birth-dates on 80 million Facebook users’ profiles.
WhatsApp: The Facebook-owned messaging platform WhatsApp said in May 2019 it had uncovered a security breach that allowed attackers to inject spyware on phones via the app’s phone call function. The messaging app said the breach had signs of coming from a government using surveillance technology developed by a private company and may have targeted human rights groups.
Telegram: In 2016, Iranian hackers compromised more than a dozen accounts on the Telegram instant messaging service and identified the phone numbers of 15 million Iranian users, the largest known breach of the encrypted communications system, cyber researchers told Reuters.
LinkedIn: The Microsoft-owned professional networking platform suffered a security breach in 2012, after hackers posted the passwords of millions of its users online.
Tumblr: The blogging platform was hacked in 2013, with researchers estimating that the emails and passwords of 65 million Tumblr users were posted online.
Reporting by Fanny Potkin; Editing by Lincoln Feast.
Our Standards: The Thomson Reuters Trust Principles.