When beloved children’s characters starts dropping f-bombs on Twitter, it’s time to teach a lesson about cybersecurity.
Over the weekend, Sesame Street star Elmo’s verified account was apparently hijacked and used to post a string of profane messages, including one describing Donald Trump as a “child f****r” and referencing Jeffrey Epstein.
The messages described Donald Trump as a “puppet” (not a muppet) of Israeli Prime Minster Benjamin Netanyahu, claimed Trump was named in the Epstein files, and called for Jews “to be exterminated.”
The messages were published on Twitter for less than 30 minutes, but Elmo has over 600,000 followers – so it’s not surprising to hear that a good number of people saw them and some, inevitably, took screenshots.
Although the unauthorised tweets have been removed, at the time of writing the account still points to a Telegram channel run by an individual called “Rugger” who appears to be claiming credit for the hack.
Clearly whoever was responsible for cleaning-up Elmo’s hacked account has not finished the job.
It is unclear whether how the account was compromised, but all brands with a presence on social media would be wise to ensure that they have used unique, hard-to-crack passwords, have multi-factor authentication enabled, and have checked what third-party applications and services they have authorised to access their account.
I no longer have a Twitter account, but back when I did I found out the hard way what bad things that can happen when a third-party service linked to your Twitter is compromised, and decides to start posting offensive messages.
