Establishing Digital Trust: Don't Sacrifice Security for Convenience
Burger King's Twitter account was recently hacked and defaced with a McDonald's logo and an image of McDonald's Fish McBites.
"The account appears to have been taken over Monday morning, when hackers tweeted out 'We just got sold to McDonalds! Look for McDonalds in a hood near you,'" writes The Los Angeles Times' Salvador Rodriguez. "The hackers also clarified that 'For the record, our password was not 'whopper' or anything!' ... Based on a tweet retweeted by the account, it appears the group may have waited for Presidents Day to pull off the hack in order to catch the company on a day its employees may be not working."
"Burger King Worldwide Inc suspended its Twitter account about an hour after it learned of the attack at 12:24 p.m. EST on Monday, company spokesman Bryson Thornton said in an email," writes Reuters' Ilaina Jonas. "'It has come to our attention that the Twitter account of the BURGER KING brand has been hacked,' the company said in a statement. 'We have worked directly with administrators to suspend the account until we are able to re-establish our legitimate site and authentic postings.'"
"Before the feed's suspension, hackers posted tweets that included racial epithets to Burger King's some 83,000 followers -- a tally that ballooned by about 25,000 to more than 108,000 after the hack," notes CNET News' Steven Musil.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
"Tweets [were] signed with the tag @DFNCTSC, which stands for 'Defonic Team Screen Name Club,'" notes ReadWrite's Dan Rowinski. "A teenage hacker in the @DFNCTSC group pled [guilty] to hacking Paris Hilton in 2009 and was sentenced to 11 months in a juvenile corrections facility."
"Many brands are using tools like HootSuite and If This Then That to allow multiple people to post [to] a Twitter feed without disclosing the password for the Twitter login itself," writes Sophos' Chester Wisniewski. "While these tools are incredibly powerful, if not used properly they can dramatically increase the password attack surface. ... This is another example of why Twitter needs to introduce two factor authentication as soon as possible."