In 2020, Twitter accounts for Barack Obama, Joe Biden, and others were compromised in a major hack. After the accounts of the former and current president — as well as public figures like Elon Musk and Bill Gates — were breached, hackers sent tweets hawking a cryptocurrency scam.
Now, fast forward to Friday, and one of the hackers, Joseph James O’Connor, has been sentenced to five years(opens in a new tab) in prison for cybercrimes, the BBC reports. O’Connor must forfeit at least $794,000 to the victims of his crimes, as well.
The 24-year-old UK citizen, known as PlugwalkJoe online, was extradited from Spain to the U.S. in April. In May, O’Connor pleaded guilty(opens in a new tab) to four counts of computer hacking, wire fraud, and cyberstalking, according to Tech Crunch.
O’Connor and fellow hackers used social engineering tactics on Twitter employees to gain access to its network. According to an investigation by New York’s Department of Financial Services, they called Twitter workers and claimed to be the IT department(opens in a new tab).
Graham Ivan Clark, another hacker known as Kirk, used that access to hijack and reassign Twitter accounts, Tech Crunch reported. Basically, the hackers had access to any Twitter account they wanted. (Clark pleaded guilty(opens in a new tab) to fraud charges in 2021, and was sentenced to three years in prison.) The hackers stole around $120,000.
Twitter responded at the time by temporarily preventing anyone from tweeting and resetting passwords:
Following the attack, Twitter said it improved cybersecurity controls(opens in a new tab).
O’Connor called his crimes “stupid and pointless” in court, according to Tech Crunch, and apologized to his victims. U.S. Assistant Attorney-General Kenneth Polite Jr. told BBC in a statement that O’Connor’s actions were “flagrant and malicious” and that he “harassed, threatened and extorted his victims, causing substantial emotional harm.”