- Majority of threats made since El Paso and Dayton shootings have been made online Thursday 8:00 PM
- Miley Cyrus tweets about cheating allegations and penis cake drama Thursday 6:32 PM
- ‘The Dark Crystal: Age of Resistance’ dazzles with a timely tale Thursday 6:00 PM
- The DOJ emailed a white nationalist blog post to immigration judges Thursday 5:31 PM
- The Amazon rainforest is on fire–and people are using memes to cope Thursday 4:11 PM
- Microsoft contractors listened in on Xbox users Thursday 2:15 PM
- Anti-vaxxer assaults pro-vaccine lawmaker on Facebook Live (updated) Thursday 2:15 PM
- Oreos licked by singer Lewis Capaldi are being auctioned off on eBay Thursday 1:54 PM
- Zach Braff predicted Sean Spicer would be on ‘Dancing With the Stars’ 2 years ago Thursday 1:38 PM
- NYPD sergeant who watched Eric Garner die punished with lost vacation days Thursday 1:27 PM
- Brie Larson haters have a meltdown over a joke about Thor’s hammer Thursday 1:26 PM
- This comedian attempted to make fun of women on Twitter—and it did not go over well Thursday 1:04 PM
- Logan Paul wants to help the Amazon rainforest Thursday 12:36 PM
- Nutaku announces redesign and filters for LGBTQ porn games (updated) Thursday 12:25 PM
- This video of dozens of inflatable mattresses taking off in the wind is perfect Thursday 12:20 PM
This story contains images of hate speech and may be NSFW.
Sometimes the fast-food burrito chain Chipotle is pretty good at Twitter; other times, not so much. Earlier this week, Chipotle asked its fans to tweet haikus about how much they loved the burritos and the results were not a disaster, which is about the best #brands on social media can hope for at this point. All was good. Then, a few days later, the company’s Twitter account was hacked, its avatar was changed to a swastika, and it started tweeting a stream of trolling bile.
The hack occurred late Saturday night. While the takeover only lasted a few minutes with the tweets quickly being scrubbed from the company’s account, screenshots of the message started circulating around the microblogging service almost immediately.
Since the swastika appeared throughout Twitter’s Web presence during the duration of the attack, going back and looking at Chipotle’s older tweets was also pretty awkward.
The company apologized shortly after regaining exclusive control over the account.
We apologize for the very offensive messages sent out from our account earlier tonight. We were unfortunately hijacked temporarily. -Joe
— Chipotle (@ChipotleTweets) February 8, 2015
During the hack, Chipotle’s Twitter bio was changed to point to two other accounts, presumably belonging to the hackers claiming credit for the attack. Both of those Twitter accounts have been suspended. Although, before the accounts were erased, one of the hackers explained the motivation behind the attack:
It appears as if the attack was accomplished by the hackers compromising Chipotle’s domain name system (DNS), which converts numerical IP addresses into actual words human beings can understand. The hackers were able to compromise Chipotle’s DNS and make it so emails originally sent to an internal company email address were instead routed to one they controlled. Once they had access to Chipotle’s email, all the hackers had to do was ask for a password reset on the account, intercept the email, change the password to something of their choosing, and then start tweeting Nazi stuff.
The Electronic Frontier Foundation’s Parker Higgins told to the Daily Dot that, even though the hackers messed with Chipotle’s DNS, it doesn’t mean the company’s official website was necessarily compromised. DNS functions on a different “layer” of the Internet than do websites, so the hackers may have only had the ability to point traffic initially directed to Chipotle to other online locations.
Representatives from Chipotle did not immediately respond to a request for comment.
The hackers used that ability to redirect visitors to Chipotle.com to the Twitter profile of the person claiming credit for the attack.
Naturally, everyone on Twitter hoped that the hack would somehow result in getting free burritos—even though it almost certainly won’t. Everyone knows the only way to get free Chipotle is to write burrito-themed haikus.
Chipotle should just give free food to all the black people for a day to sincerely apologize
— $yddd (@Miley_Highrus) February 8, 2015
Chipotle’s hacked tweets have left me deeply offended & the only way I could ever grant forgiveness is through free burrito bowls AND guac.
— jerica (@jericagolez) February 8, 2015
Ultimately, the moral of the story is that Chipotle probably needs better online security procedures.
Photo by proshob/Wikimedia Commons (CC BY-SA 3.0)
Aaron Sankin is a former Senior Staff Writer at the Daily Dot who covered the intersection of politics, technology, online privacy, Twitter bots, and the role of dank memes in popular culture. He lives in Seattle, Washington. He joined the Center for Investigative Reporting in 2016.