AP Twitter Account Hacked in Market-Moving Attack

Hackers hijacked the Associated Press Twitter account yesterday, sending stock markets down 1 percent in a matter of seconds by posting a false claim of an attack on the White House.

The Twitter message -- saying that President Barack Obama had been injured after his residence was bombed -- followed repeated attempts by hackers to gain access to AP reporters’ passwords, the news agency said in a report. The AP restored the account this morning after it was suspended yesterday pending a security review.

The Standard & Poor’s 500 Index fell about 1 percent yesterday before quickly rebounding, briefly wiping out $136 billion in value. A separate Twitter account operated by the AP’s corporate communications team followed up minutes later with its own message: “That is a bogus @AP tweet.”

The news agency is the latest victim in a series of attacks against journalism outlets, including the Twitter accounts of CBS News’s “60 Minutes” and “48 Hours” this past weekend. After it was compromised, the Twitter account for “60 Minutes” posted a message saying, “Terror is striking the #USA and #Obama is Shamelessly in Bed with Al-Qaeda.” Both accounts have been suspended pending an investigation, according to Sonia McNair, a CBS News spokeswoman.

The errant AP tweet spooked investors eight days after two explosions struck the Boston Marathon, killing three people and wounding more than 200. U.S. authorities brought charges against Dzhokhar Tsarnaev, 19, for the attack earlier this week.

Social Media

The false tweet spotlighted the power of social media in moving financial markets. The AP’s main Twitter account, @AP, had over 1.9 million followers before the hacking.

Cathy Baron Tamraz, chief executive officer of Berkshire Hathaway Inc.’s Business Wire, called the incident an “object lesson” in why social media isn’t a substitute for press releases.

“I’ve got over 100 technologists in my shop,” said Tamraz, whose company distributes news releases for corporate clients. “What they spend their time doing is figuring out what the bad guys want to do and preventing them from doing it. That’s the kind of thing I don’t think these social sites were even set up to do. That’s not their core competency.”

The AP account is one of the feeds provided through a Twitter function on Bloomberg Professional, the financial-data service sold by Bloomberg News parent Bloomberg LP. The U.S. Securities and Exchange Commission said this month that companies can post news on social-media sites as long as investors have been told in advance where to look.

“Following the SEC’s decision earlier this month to allow companies to disclose material information via social media, Bloomberg integrated Twitter feeds into the Bloomberg Professional service,” the company said in a statement.

Seesaw Move

The S&P 500 was up 1 percent at 1,578.77 at the close in New York after dipping as low as 1,562.5.

When the bogus tweet went out, investors sought refuge in safer assets, influencing Treasury and currency markets. Yields on benchmark 10-year U.S. Treasury notes dropped about six basis points, or 0.06 percentage point, to a low for the year of 1.64 percent immediately. The dollar weakened to about 98.60 yen before recovering to 99.27 after the report was discredited.

“The president is fine,” White House spokesman Jay Carney told reporters minutes after the hacking was discovered. “I was just with him.”

The hacking incident has come to the attention of the Federal Bureau of Investigation, which will look into the attack, spokeswoman Jenny Shearer said. “The FBI is investigating the matter with the AP and Twitter,” she said, without elaborating.

‘Phishing’ Attack

The Associated Press is a not-for-profit news organization funded by its newspaper and broadcast members. Founded in 1846, the New York-based news operation has more than 2,000 journalists worldwide.

“We’ve obviously been hacked on our AP Twitter account,” said Paul Colford, a spokesman for the Associated Press. “That tweet about the White House is obviously bogus.”

Jim Prosser, a spokesman for San Francisco-based Twitter, declined to comment.

Twitter accounts are vulnerable to hacking partly because the service lacks a more sophisticated authentication system, according to Wade Williamson, a senior security analyst with Palo Alto Networks Inc.

The attack “is likely an example of a traditional account hijacking in which a hacker stole the AP account administrator’s password,” he said in an interview.

The AP reported that yesterday’s hacking was preceded by a “phishing attempt” on its computer network, a common hacking technique that lures users into divulging username and password information by setting up a fake log-in screen.

The hack “came less than an hour after some of us received an impressively disguised phishing e-mail,” Mike Baker, a reporter for the AP in Olympia, Washington, said on his Twitter account.

“Whatever the purpose of this attack was, it seems to have been pretty self-contained,” Williamson said. “The benefit from the attackers’ view has already happened.”

(Updates with restoration of AP Twitter account in the second paragraph.)
    Before it's here, it's on the Bloomberg Terminal. LEARN MORE