Early this morning (GMT time), we discovered that our Twitter account was defaced with provocative and distasteful political propaganda. We quickly got to work securing access to the account, removing the offensive tweets and broadcasting a message that all Blockchain services, including wallets and API were not impacted whatsoever. Unfortunately, we were not the only firm swept up in this issue. As this article notes, Forbes, BBC North America, Amnesty International, the European Parliament were among the hundreds of accounts impacted.
Twitter acknowledged the incident in a statement to Gizmodo stating:
We are aware of an issue affecting a number of account holders this morning. Our teams are working at pace and taking direct action on this issue. We quickly located the source which was limited to a third party app. We removed its permissions immediately. No additional accounts are impacted. Advice on keeping your account secure can be found here.
What we know is that a third party social media analytics provider called The Counter, which many large firms (including Netflix, YouTube, Slack, the UN and Adobe) rely on, was compromised. We will no longer be using them. At no time was Blockchain the deliberate target of this external breach. Here is what they had to say:
We're aware that our service was hacked and have started an investigation into the matter.We've already taken measures to contain such abuse
— TheCounter (@thecounter)
While the motivation for this bizarre social media attack is still unknown, we’re sorry for any confusion or offense this may have caused. We take these issues extremely seriously and have already kicked off an internal audit of our security practices for both our analytics providers and also specifically our social and community channels to prevent a similar incident from happening again.