(Reuters) - The Financial Times’ website and Twitter feeds were hacked on Friday, renewing questions about whether the popular social media service has done enough to tighten security as cyber-attacks on the news media intensify.
The Syrian Electronic Army, an online group that supports Syrian President Bashar al-Assad, was behind the incident which followed a phishing attack on the company’s email accounts, FT reported on its website.
The attack is the latest in which hackers commandeered the Twitter account of a prominent news organization to push their agenda. Twitter’s 200 million users worldwide send out more than 400 million tweets a day, making it a potent distributor of news.
“Twitter has become a big enough media outlet that they should provide better security for high-value accounts like the Associated Press, the FT and others,” said Mikko Hypponen, chief research officer with security software maker F-Secure.
Several attempts to reach Twitter for comment were unsuccessful. The company’s media relations team made no mention of the attack on its own Twitter feed.
Last month, the Syrian Electronic Army took control of the Associated Press’ official Twitter feed and sent out a bogus message that two explosions at the While House injured President Obama. The false tweet triggered a brief but steep sell-off in the U.S. financial markets.
That followed a spate of attacks in the past year by the group on Twitter accounts of other media organizations, including the BBC, National Public Radio, CBS, Reuters News and the satirical news website The Onion.
Over the past few years security experts have become increasingly vocal in calling for Twitter to introduce an additional safety measure, a two-step process to log in, that would help reduce breaches.
This type of authentication has long been used by governments and big corporations and in recent years some consumer Internet companies like Facebook Inc, Google Inc and Microsoft Corp have embraced it.
“You can get two-factor authentication for World of Warcraft, but you can’t get it for Twitter. Go figure,” Hypponen said, referring to the popular video game.
In Friday’s hacking of the FT, the Syrian Electronic Army - which regularly targets media organizations it sees as sympathetic to Syria’s rebels - posted links on the newspaper’s Twitter feed to YouTube.
The video purports to show members of the al Qaeda-linked Nusra Front Syrian rebel group executing blindfolded and kneeling members of the Syrian army.
The video could not be independently verified.
“Today various FT Twitter accounts and one FT blog (not more as previously stated) were compromised by hackers. We have now secured those accounts are working to resolve the issue as quickly as possible,” the FT, owned by Pearson Plc, said in an updated statement.
Stories on the FT’s website had their headlines replaced by “Hacked By Syrian Electronic Army” and messages on its Twitter feed read: “Do you want to know the reality of the Syrian ‘Rebels?'” followed by a link to the video.
The FT’s feeds dedicated to technology and commodities were among those affected.
Also on Friday, the Kyodo news agency reported that Yahoo Japan suspects up to 22 million of its 200 million user IDs may have been leaked. Kyodo said Yahoo Japan also detected an unauthorized attempt to access the administrative systems of its web portal.
Additional reporting by Mohammed Abbas and Kate Holton in London and Ben Berkowitz in Boston; Editing by Mark Trevelyan, Chris Reese and Richard Chang