Growing contentions between the Netherlands and Turkey have been spurring a
backlash online—but the biggest one came through a recent Twitter hack.
Early Wednesday morning, thousands of tweets containing swastikas and
Turkish hashtags that translated to “NaziGermany,” “NaziMania” and
“NaziNetherlands” flooded the platform.
The attackers used the service’s permissions to post a message in Turkish,
reading “卐 #NaziGermany👌#NaziNetherlands, a little👋#OTTOMAN SLAP for you,
see you on #April16th.” That date is when Turkey is planning to hold a
referendum on whether to grant stronger powers to its president Tayyip
the tweets also linked to a pro-Erdoğan video on YouTube.
The breach came through a third-party tool called Twitter Counter, which
many Twitter users—including celebrities and brand managers—use to gather
analytics. It affected brand accounts including Amnesty International,
Forbes magazine, Duke University and BBC North America.
After removing the messages, a few brand managers tweeted about the hack:
A Twitter spokesperson also issued the following statement to reporters:
We are aware of an issue affecting a number of account holders this
morning. Our teams are working at pace and taking direct action on this
issue. We quickly located the source, which was limited to a third-party
app. We removed its permissions immediately. No additional accounts are
impacted. Advice on keeping your account secure can be found here.
Twitter Counter explained through a series of tweets that it blocked users’
capability to tweet through its service—and reminded people that it doesn’t
store sensitive user data:
Keep your cool in a crisis with these 13 tips.]
It’s not the first time the organization has been at the center of a
security breach involving high-profile accounts.
Twitter Counter reported an attack in November in which accounts from
and others were compromised and posting spam messages. Twitter Counter
apologized and said it had fixed the problem.
Though the organization said it doesn’t store users’ passwords or credit
card information, the crisis should be a reminder to brand managers to
check their organizations’ social media accounts—especially those connected
to third-party posting or monitoring apps.
As usual, this is a good time to double check your account and any third
party apps or services—you can find
instructions on how to do that here
—you may have connected to it. If they get hacked, then you get hacked, and
no one needs that. Once you're done with that, we'd also recommend making
sure you use a unique password and have two-factor authentication enabled,
just to be thorough.
It’s also a reminder that security breaches can often happen through social
media sites and services, so it’s always a good idea to regularly change
your password (or use a password service to further protect your accounts).