Prominent Black Lives Matter activist DeRay McKesson fell prey to an "intense" Twitter hack and sophisticated social engineering, capping off a week the social media site was rocked with rampant security breaches.
He doesn't support or endorse Donald Trump, the activist proclaimed on Twitter after he'd regained control of his account Friday afternoon. That's because Mckesson's account, while it was possessed by the hacker or hackers, tweeted his unlikely endorsement of Trump for president.
He began working to improve the city of Baltimore back when he was a teenager. He is said to have worked with local non-profits during those years and to have served on the Maryland Advisory Board on After-School Opportunity Programs.
McKesson began working for the Baltimore school system back in 2012 and would later gain prominence for his work in Baltimore, when the city lashed out last year against the death of Freddie Gray.
In a week in which millions of Twitter credentials were leaked and several high-profile accounts were hacked, McKesson's incident may have been one of the most notable because of the lengths the hacker went through to gain access and the preventable nature of the attack.
By calling @verizon and successfully changing my phone's SIM, the hacker bypassed two-factor verification which I have on all accounts.
— deray mckesson (@deray) June 10, 2016
The Trump endorsement appears to have been the worst of the hacker's work, though it fooled few if any of McKesson's followers. Verizon has said that its security teams are investigating McKesson's claims and asserted that it takes its customer's privacy and security "very seriously."
An Ounce Of Prevention
In recent days, Twitter has been stepping up its security checks and has been investigating claims that its users' passwords were being sold on the dark web. But Twitter said it has found no evidence that any user credentials shared on the dark web were amassed as a result of the massive attacks that have been levied against the platform as of late.
"In each of the recent password disclosures, we cross-checked the data with our records," Twitter stated."As a result, a number of Twitter accounts were identified for extra protection. Accounts with direct password exposure were locked and require a password reset by the account owner."
Twitter has recommended that users employ login verification, though that didn't stop the attack on McKesson's account. And the company recommends that users set up passwords they don't use on other sites and to use a password manager to ensure setting up strong passwords.
The company behind the social networking platform also recommend that users scrutinize reports of security breach, which Twitters says may not always be accurate. Hackers take advantage of such fears to reheat information gained from older breaches.
"We take security concerns seriously, and investigate issues as they arise, but everyone should also scrutinize the merits of any credential claim," stated Twitter. "We're always focused on the issues that present a real threat to account security."
No, I do not endorse Trump as the next President. He cannot be the President of the United States. He is racist & a bigot, unfit to lead. — deray mckesson (@deray) June 10, 2016