The Twitter and Facebook accounts of 15 National Football League (NFL) teams have been hacked by a third-party platform.
Amongst those who were affected were players of US teams Kansas City Chiefs and San Francisco 49ers, who will compete in the Superbowl Championship next month.
Dubai-based hacking group, OurMine, took responsibility for the attack, claiming it was a stunt to point out how much internet security still needs to be improved as it is currently “still slow”.
Whilst some accounts had their headers or profile pictures deleted or changed, many also had identical messages posted, “Hi, we’re back (OurMine). We are here to show people that everything is hackable. To improve your account’s security, contact us”.
The OurMine Twitter account was taken down on Monday, with the social network commenting, “As soon as we were made aware of the issue, we locked the compromised accounts and are working closely with our partners at the NFL to restore them”.
It was reported that the group had reached out to the NFL before the attack to propose its services in order to improve the league’s security – but after receiving no response it appears that they took matters into their own hands.
The group has been active since 2016 and is believed to be made up of several Saudi teenagers. They are known to have hacked well-known individuals such as Google’s Chief Executive, as well as companies such as Netflix and Marvel in the past, in a bid to offer private cybersecurity services.
Whilst the exact details of the hacks are currently unclear, it has been revealed that a large number of the tweets posted by the group came from Khoros – a web service used by digital marketing and public relations sectors to manage social media accounts and measure social media engagements. A Khoros spokesperson stated that “the Khoros platform was not compromised.”
However, the OurMine crew have previously admitted to using improper methods to gain access to accounts – such as taking passwords that were leaked during data breaches and using them for their own use.
Whilst the group claim to be using their ability to hack to raise awareness of the lack of knowledge surrounding cybersecurity, it doesn’t seem like the most moral way to do it…
Do you agree with OurMine’s actions? Let us know @hyve!