Two Scottish teens arrested over Met Police Twitter hack

Obscene messages appeared on force's official Twitter account following breach of MyNewsDesk platform

met police website

Two teenagers thought to have been involved in a hack on the Metropolitan Police force's web site have been arrested and charged in Scotland.

In July, a series of obscene messages appeared on the Met's Twitter account, with fake press releases also appearing on its webpage.

One message called for the release of a London based rapper called "Digga D" and other tweets had expletive messages directed at the police itself.

Advertisement - Article continues below

The arrests were made by the Scottish police force as the hack originated from Glasgow and beyond the jurisdiction of London's Metropolitan Police.

'Two men, aged 18 and 19, from the Lossiemouth and Glasgow areas respectively, have been arrested and charged in connection with unauthorised access and publication of content on the Metropolitan Police Service's news platform on Friday 19 July 2019," a Police Scotland spokesperson told Metro.

Immediately following the incident in July, some speculated that a high-profile hacker from America known as 'Cal' was behind the breach, but that has proved wildly inaccurate with the arrests in Scotland.

The teenagers also didn't gain access directly to the force's Twitter account, as security researcher Graham Cluley noted, the teenagers actually hacked a third-party service for auto-posting content called 'MyNewsDesk'.

Advertisement
Advertisement - Article continues below

"The Met Police should be relieved that something more malicious wasn't posted (such as a phishing attack or link to a website hosting malware) but even though this was clearly more mischievous it's still against the law," he told IT Pro.

Advertisement - Article continues below

"Lots of people do dumb thoughtless things when they're teens, but on social media, it's possible to have a much wider impact. Young people need to realise there can be serious consequences and repercussions when they do something they imagine is a harmless prank, and the police may well not be amused."

MyNewsDesk is a multimedia public relations platform that the police use to distribute notices and release on its social media, email and websites. At the time, the Met said there was no compromise to its IT network and that it had made changes to its accounts on the microsite.

"In response to the incident we are working closely with Mynewsdesk and specialist Met cyber-crime investigators to fully understand what has occurred and if there are criminal offences," a statement said. "Immediate changes have been made to our accounts in response to the incident. There has been no compromise of the Met Police's IT network."

Advertisement - Article continues below

In May, two months before these teenagers gained access, the British Transport Police had staff details accessed via its website. A section of that had to be taken down and replaced with a Tumblr feed.

As yet, there is no date set for sentencing, but it is likely the pair could be looking at a possible 2-year stint in prison under the 'unauthorised access to computer material' provision of the Computer Misuse Act 1990.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/phishing/355810/zloader-malware-returns-as-a-coronavirus-phishing-scam
phishing

ZLoader malware returns as a coronavirus phishing scam

27 May 2020
Visit/security/hacking/355806/anarchygrabber-hack-steals-discord-tokens-ids-and-passwords
hacking

AnarchyGrabber hack steals Discord tokens, IDs and passwords

27 May 2020
Visit/security/hacking/355801/scammers-using-coronavirus-contact-tracing-in-hacking-attempt
hacking

Scammers leverage contact-tracing in hacking attempt

27 May 2020
Visit/security/phishing/355793/gitlab-phishes-its-remote-employees-and-1-in-5-fell-for-it
phishing

GitLab phished its employees and 20% handed over credentials

26 May 2020

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/infrastructure/server-storage/355785/dell-emc-poweredge-r7525-review-an-epyc-core-density-to-make
Server & storage

Dell EMC PowerEdge R7525 review: An EPYC core density to make Intel weep

26 May 2020
Visit/infrastructure/network-internet/355792/intel-releases-wi-fi-and-bluetooth-driver-updates-for
Network & Internet

Intel releases Wi-Fi and Bluetooth driver updates for Windows 10

26 May 2020