Two Scottish teens arrested over Met Police Twitter hack

Obscene messages appeared on force's official Twitter account following breach of MyNewsDesk platform

met police website

Two teenagers thought to have been involved in a hack on the Metropolitan Police force's web site have been arrested and charged in Scotland.

In July, a series of obscene messages appeared on the Met's Twitter account, with fake press releases also appearing on its webpage.

One message called for the release of a London based rapper called "Digga D" and other tweets had expletive messages directed at the police itself.

The arrests were made by the Scottish police force as the hack originated from Glasgow and beyond the jurisdiction of London's Metropolitan Police.

'Two men, aged 18 and 19, from the Lossiemouth and Glasgow areas respectively, have been arrested and charged in connection with unauthorised access and publication of content on the Metropolitan Police Service's news platform on Friday 19 July 2019," a Police Scotland spokesperson told Metro.

Advertisement - Article continues below

Immediately following the incident in July, some speculated that a high-profile hacker from America known as 'Cal' was behind the breach, but that has proved wildly inaccurate with the arrests in Scotland.

The teenagers also didn't gain access directly to the force's Twitter account, as security researcher Graham Cluley noted, the teenagers actually hacked a third-party service for auto-posting content called 'MyNewsDesk'.

"The Met Police should be relieved that something more malicious wasn't posted (such as a phishing attack or link to a website hosting malware) but even though this was clearly more mischievous it's still against the law," he told IT Pro.

"Lots of people do dumb thoughtless things when they're teens, but on social media, it's possible to have a much wider impact. Young people need to realise there can be serious consequences and repercussions when they do something they imagine is a harmless prank, and the police may well not be amused."

MyNewsDesk is a multimedia public relations platform that the police use to distribute notices and release on its social media, email and websites. At the time, the Met said there was no compromise to its IT network and that it had made changes to its accounts on the microsite.

"In response to the incident we are working closely with Mynewsdesk and specialist Met cyber-crime investigators to fully understand what has occurred and if there are criminal offences," a statement said. "Immediate changes have been made to our accounts in response to the incident. There has been no compromise of the Met Police's IT network."

In May, two months before these teenagers gained access, the British Transport Police had staff details accessed via its website. A section of that had to be taken down and replaced with a Tumblr feed.

As yet, there is no date set for sentencing, but it is likely the pair could be looking at a possible 2-year stint in prison under the 'unauthorised access to computer material' provision of the Computer Misuse Act 1990.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now

Most Popular

Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019
wifi & hotspots

Industrial Wi-Fi 6 trial reveals blistering speeds

5 Dec 2019

Five signs that it’s time to retire IT kit

29 Nov 2019