Hacker behind major Twitter breach sentenced to five years in federal prison

Share via:

Three years after one of the most prominent hacks in recent memory unfolded on Twitter, one of the responsible hackers is now facing federal prison time. Joseph James O’Connor, a 24-year-old UK citizen, was sentenced to five years in a New York federal court on Friday. In May, O’Connor pleaded guilty to four counts, including computer hacking, wire fraud, and cyberstalking. As part of his plea deal, he agreed to forfeit at least $794,000 to the victims of his crimes.

O’Connor, who was extradited from Spain earlier this year, has been in custody since then. During the hearing, Judge Jed S. Rakoff noted that O’Connor would likely serve around half of his sentence after spending more than two years in pre-trial custody. Prosecutors from the Justice Department had called for O’Connor to serve at least seven years in prison. The maximum sentence he faced was 77 years.

In court, O’Connor described his actions as “stupid and pointless” and offered an apology to his victims, asking for leniency from the judge. Prosecutors detailed O’Connor’s malicious activities, which included conducting a SIM swap attack, hacking Twitter accounts of high-profile individuals, and cyberstalking victims, including a minor.

O’Connor, who used the online handle PlugWalkJoe, was part of a group that orchestrated the breach of numerous notable Twitter accounts in July 2020. These accounts included those of Apple, Binance, Bill Gates, Joe Biden, and Elon Musk. The hackers leveraged their access to spread cryptocurrency scams. Twitter temporarily blocked users from posting as it grappled with the intrusion, leaving millions of users witnessing the cryptocurrency scams flooding their timelines.

Following the breach, Twitter faced scrutiny for its cybersecurity protections. A subsequent investigation by New York’s Department of Financial Services revealed that the hackers posed as Twitter IT staff to gain unauthorized access. They then hijacked the accounts of politicians, celebrities, and entrepreneurs to promote “double your bitcoin” scams, resulting in approximately $120,000 in illicit gains.

The incident prompted Twitter to enhance its cybersecurity measures, including the introduction of hardware security keys for employees to prevent future phishing attempts. However, two years later, more damning revelations emerged. Peiter “Mudge” Zatko, Twitter’s former head of security, described the hackers’ access as achieving “god mode,” enabling them to impersonate tweets from any account. In a whistleblower complaint filed in 2022, Zatko accused Twitter of cybersecurity failures, referring to the incident as “the largest hack of a social media platform in history.”

When approached for comment, Twitter responded with an auto-reply featuring a poop emoji, maintaining its practice since Elon Musk’s acquisition of the company.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Hacker behind major Twitter breach sentenced to five years in federal prison

Three years after one of the most prominent hacks in recent memory unfolded on Twitter, one of the responsible hackers is now facing federal prison time. Joseph James O’Connor, a 24-year-old UK citizen, was sentenced to five years in a New York federal court on Friday. In May, O’Connor pleaded guilty to four counts, including computer hacking, wire fraud, and cyberstalking. As part of his plea deal, he agreed to forfeit at least $794,000 to the victims of his crimes.

O’Connor, who was extradited from Spain earlier this year, has been in custody since then. During the hearing, Judge Jed S. Rakoff noted that O’Connor would likely serve around half of his sentence after spending more than two years in pre-trial custody. Prosecutors from the Justice Department had called for O’Connor to serve at least seven years in prison. The maximum sentence he faced was 77 years.

In court, O’Connor described his actions as “stupid and pointless” and offered an apology to his victims, asking for leniency from the judge. Prosecutors detailed O’Connor’s malicious activities, which included conducting a SIM swap attack, hacking Twitter accounts of high-profile individuals, and cyberstalking victims, including a minor.

O’Connor, who used the online handle PlugWalkJoe, was part of a group that orchestrated the breach of numerous notable Twitter accounts in July 2020. These accounts included those of Apple, Binance, Bill Gates, Joe Biden, and Elon Musk. The hackers leveraged their access to spread cryptocurrency scams. Twitter temporarily blocked users from posting as it grappled with the intrusion, leaving millions of users witnessing the cryptocurrency scams flooding their timelines.

Following the breach, Twitter faced scrutiny for its cybersecurity protections. A subsequent investigation by New York’s Department of Financial Services revealed that the hackers posed as Twitter IT staff to gain unauthorized access. They then hijacked the accounts of politicians, celebrities, and entrepreneurs to promote “double your bitcoin” scams, resulting in approximately $120,000 in illicit gains.

The incident prompted Twitter to enhance its cybersecurity measures, including the introduction of hardware security keys for employees to prevent future phishing attempts. However, two years later, more damning revelations emerged. Peiter “Mudge” Zatko, Twitter’s former head of security, described the hackers’ access as achieving “god mode,” enabling them to impersonate tweets from any account. In a whistleblower complaint filed in 2022, Zatko accused Twitter of cybersecurity failures, referring to the incident as “the largest hack of a social media platform in history.”

When approached for comment, Twitter responded with an auto-reply featuring a poop emoji, maintaining its practice since Elon Musk’s acquisition of the company.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

The ‘superglue effect’ of eSIMs on fintech

Southeast Asia is accustomed to all-in-one apps, so...

Swiggy’s One BLCK launch faces confusion, restaurants say ‘unaware...

Restaurants in Mumbai have denied any knowledge of Swiggy’s...

Accenture quarterly earnings: Accenture quarterly numbers point to strong...

India’s $254-billion technology outsourcing industry, key to helping...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!