Hacker reveals password to NFL Twitter account after taking it over to announce Roger Goodell's fake death

NFL with twitter birds

Illustration by Bruno Moraes

NFL punted on password security.

Roger Goodell is not dead, though you'd be forgiven for thinking he is. After all, the official Twitter account of the National Football League said as much on Tuesday. The announcement didn't come from a league official, but rather a hacker who gained access to the account.

For the brief period during which the hackers had control over the account, they fired off an attention-grabbing tweet that immediately started making its way across the Twitterverse. "We regret to inform our fans that our commissioner, Roger Goodell, has passed away. He was 57. #RIP," the tweet read.

The tweet was quickly deleted from the account, which seemed to irritate the hijacker, who responded by tweeting “Oi, I said Roger Goodell has died. Don’t delete that tweet.” One final tweet, "OK, OK, you amateur detectives win. Good job," was sent out before the account went silent as the NFL attempted to regain control. 

Brian McCarthy, the vice president of communications, quickly tweeted to confirm the NFL account was compromised and assured that the league's commissioner was in fact alive.

"The NFL Twitter account was hacked," McCarthy confirmed to the Daily Dot. "We have engaged law enforcement to look into the matter. We are reviewing and strengthening our cyber-security measures."

During the hack, the NFL account followed one new person on Twitter: an account named IDissEverything. The account has since been suspended, but the Daily Dot reached the user via email, where IDissEverything confirmed their role in the hack.

IDissEverything said the hack was a team effort by Peggle Crew, a hacking collective who previously took over Ringo Starr's Twitter account. During the half-hour period that Peggle Crew had access to the NFL Twitter account, the group attempted to lock the league out by "changing emails and kicking everyone off the TweetDeck team," according to IDissEverything. They were unable to do so. 

"The flurry of activity after the first tweet meant that someone at Twitter probably noticed and froze the account," IDissEverything explained.

IDissEverything said the password to the NFL Twitter account was olsen3culvercam88, and was acquired after Peggle Crew "managed to get into the email of a social media staffer at the NFL, where we found the credentials in a message." IDissEverything confirmed that the Peggle Crew's acquisition of the password was unrelated to recent data breaches at popular social networking sites including LinkedIn, Tumblr, and MySpace.

The NFL account is the latest in a line of popular Twitter accounts to get hijacked. Just weeks prior to this occurrence, Katy Perry had her account breached as well. 

Lana Del Rey's account on the platform was compromised earlier on Tuesday, and Mark Zuckerberg's Twitter account was taken over on Monday after his embarrassingly easy password was discovered in the LinkedIn security breach that dated back to 2012.

In response to the hack, Roger Goodell instinctively suspended Tom Brady for another four games just to be safe.

H/T Deadspin

Promoted Stories Powered by Sharethrough
Debug
Marvel's heroes are at odds again in 'Civil War II'
Ten years after the crossover event that inspired Captain America: Civil War, Marvel is launching Civil War II, another cataclysmic feud between two factions of superheroes. Prompted by the appearance of a precognitive Inhuman named Ulysses, the Marvel heroes take sides over a Minority Report-style question about whether they should change the course of future events.
From Our VICE Partners
Group

Pure, uncut internet. Straight to your inbox.

Thanks for subscribing to our newsletter!