Did the Huffington Post have its Twitter account hacked?

Graham Cluley
Graham Cluley
@[email protected]

Warnings spread like wildfire across Twitter today, suggesting that the popular Huffington Post blog had fallen victim to hackers, who had managed to break into its Twitter account and post offensive messages.

Sure enough, if you visited the @HuffPostNews Twitter account there were plenty of unsavoury messages, many seemingly posted by someone sympathetic to right wing politics.

Here’s a video I made about the incident:


However, you shouldn’t always be quick to jump to conclusions.

Sign up to our free newsletter.
Security news, advice, and tips.

I noticed that the @HuffPostNews account only had about 1900 Twitter followers – a surprisingly low number for a blog so popular. What was more, the Huffington Post’s own website points to a Twitter account called (imaginatively) @huffingtonpost, which has a somewhat more impressive half a million-or-so devoted fans.

Yes, it does look like a Twitter account was hacked – but it wasn’t necessarily one belonging to the Huffington Post. Anybody can create an account on Twitter and call it pretty much whatever they like. My guess is that someone created an account on Twitter called @HuffPostNews and used the rather natty Twitterfeed service to automatically tweet the latest headlines from the real Huffington Post’s RSS feed.

Some 1900 or so other Twitter users innocently followed the @HuffPostNews account, believing it to be the real Huffington Post – and it didn’t matter that it wasn’t until the account was hacked and offensive messages began to be posted.

The good news is that the hacked account was used for posting juvenile messages rather than for spreading spam or malicious links, and Twitter now appears to have suspended the account.

But there’s a couple of lessons for all of us here:

1. Don’t believe that just because a Twitter account claims to be a person or a particular organisation that it definitely is.

2. Ensure that you are properly defending your Twitter account by choosing strong passwords, not sharing them with third party websites, and running up-to-date security software on your computers.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.