Twitter says ‘no evidence’ of Trump hack after president accused of using ‘Maga2020!’ password

'We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States’, Twitter says

Adam Smith
Thursday 22 October 2020 18:55 BST
Comments
(Getty Images)
Leer en Español

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Twitter says it has "no evidence" that Donald Trump's account was hacked, after an ethical hacker claimed to have broken into it using just the password "maga2020!".

Juddson Deere, the White House deputy press secretary, also told The Independent that the claims by the hacker are “absolutely not true but we don’t comment on security procedures around the President’s social media accounts.”

Victor Gevers, a security expert, claimed to have had access to the president’s direct messages, could change his profile, and tweet, according to de Volkskrant, which reported that it had seen screenshots from the president’s account.

It only took the hacker five attempts to guess the president’s password, he claimed.

Gevers apparently alerted Mr Trump and US governmental services about the breach, and was then contacted by the Secret Service.

Mr Trump did not reply to an email sent to him by Gevers advising him to choose a more secure password, he said.

The president’s account has reportedly been made more secure.

According to Gerver’s claims, the account had previously not had two-step authentication activated for the account, which requires that a login be verified via access to another personal device such as a physical security key or authenticator app on another computer.

Gevers was one of three hackers who accessed president Trump’s account in 2016, when the accounts password was reportedly “yourefired”.

“That we would succeed in doing it again so soon, was not planned,” he told de Volkskrant.

“I expected to be blocked after four failed attempts. Or at least would be asked to provide additional information.”

The hacker was apparently shocked that it was possible for him to so easily access the president’s account.

“Why is it possible for someone from a different time zone to log into such an important account? Why doesn’t Twitter demand better passwords? If I can access his account, then foreign nations can do so as well, right? Why aren’t the persons who are supposed to protect the president informed when someone reports that his account is unsafe?” he said.

Contacted by The Independent, Mr Gevers refused to provide firm evidence that he had access to the account, such as emails with the Secret Service or screenshots that could only be taken when logged in as Mr Trump.

"We've seen no evidence to corroborate this claim, including from the article published in the Netherlands today", Twitter said in a statement. 

"We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government."

Twitter would not specify what measures have been taken to secure such accounts.

High-profile Twitter accounts have been compromised in the past.

In July this year, a cryptocurrency scam that targeted several high-profile users, including Elon Musk and Bill Gates as well as Joe Biden, Barack Obama, Kanye West.

Scammers were able to take control of users' accounts and ask for users to send $1,000 to a Bitcoin account with the promise that their deposit would be doubled in return.

Mr Trump recently claimed that “nobody gets hacked” at a campaign event in Tucson, Arizona.

"Nobody gets hacked. To get hacked you need somebody with 197 IQ and he needs about 15 percent of your password,” Mr. Trump said.

While the president was referencing the recent suspension of C-Span political editor Steve Scully, it is unclear exactly what Mr Trump meant by his comment.

Hackers can get credentials via keyloggers (tools that secretly record every key you press), phishing (a method of tricking you into giving up your personal information), and third-party data breaches.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in