No Criminal Charges for Accessing Trump's Twitter AccountReport: Dutch Police Say Security Researcher Acted Ethically
Dutch police will not press charges against a security researcher who claimed he gained access to U.S. President Donald Trump's official Twitter account earlier this year by guessing the password. Police determined the researcher acted ethically by alerting authorities to the access and offering risk mitigation advice, according to a local news report.
Victor Gevers, a security researcher at the GDI Foundation and chairman of the Dutch Institute for Vulnerability Disclosure, claimed in October that it took only five guesses before he hit on the password "maga2020!" to gain access to @RealDonaldTrump Twitter accounts. Gevers claimed that he had the ability to change the password and profile picture and could have downloaded Trump's Twitter history, which would have included the direct messages associated with the account.
And while news of the Trump account access prompted a police investigation, a representative of the Dutch Public Prosecution Service said Gevers acted ethically by attempting to contact numerous U.S. government agencies, including the FBI, Secret Service and CIA, to alert them to the vulnerability of the account and offer advice on how to mitigate the risk, according to the local news report.
"It was enough for the investigators to conclude that under the special circumstances, the criminal liability for hacking itself has lapsed," the news report notes.
A spokesperson for the White House denied that the president's Twitter account was hacked. Twitter also denied that anyone had accessed the account (see: White House Denies Trump's Twitter Account Was Hacked).
In July, Twitter's security procedures were called into question when 130 high-profile accounts were compromised as part of a cryptocurrency scheme. Twitter's investigation found the attackers "successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including getting through our two-factor protections" (see: Twitter Hijackers Used Well-Honed Fraudster Playbook ).
About 360 people lost almost $130,000 in the scam. At least three people, including a teenager, face charges related to the incident (see: 3 Charged in Twitter Hack).
In September, India's Prime Minister Narendra Modi's Twitter account was taken over and used for a similar scam (see: Another Twitter Hack: This Time, India's Modi Targeted ).