The Twitter account for U.S. Central Command (CENTCOM) was apparently hacked Monday afternoon by supporters of the Islamic State.
About 12:30 p.m. ET, @CENTCOM began sending out pro-IS tweets and its banner and avatar were changed to read “i love you isis.” By 1 p.m. ET, the tweets remained but the avatar and banner had been removed; by 1:12 p.m. ET, the account was suspended entirely.
White House Press Secretary Josh Earnest said during a press briefing that the Obama administration was taking the hack seriously, but cautioned that there is a “significant difference between what is a large data breach and the hacking of a Twitter account.”
An anonymous defense official told NBC News that the hack did not seem to be a security threat:
LATEST: CENTCOM Twitter hack under control; no classified info posted. Defense official: ‘clearly embarassing, but not a security threat.’
— NBC Nightly News (@NBCNightlyNews) January 12, 2015
The hackers, calling themselves the “CyberCaliphate,” posted threatening messages that warned U.S. soldiers their personal information had been compromised. A message posted to anonymous sharing service Pastebin claimed to contain confidential data from soldiers’ mobile devices.
“ISIS is already here, we are in your PCs, in each military base,” one tweet read.
Some tweets contained spreadsheets that appeared to list phone numbers and email addresses of active and retired military personnel.
Two more tweets contained what appeared to be slides of military operations against China and North Korea.
CENTCOM’s YouTube account also appears to have been hacked. The same banner that appeared on the agency’s Twitter account was displayed on its YouTube page along with IS propaganda videos. The account had been removed by 1:45 p.m. ET.
The agency released the following statement on the hack Monday afternoon:
Earlier today, U.S. Central Command’s Twitter and YouTube sites were compromised for approximately 30 minutes. These sites reside on commercial, non-Defense Department servers and both sites have been temporarily taken offline while we look into the incident further. CENTCOM’s operational military networks were not compromised and there was no operational impact to U.S. Central Command. CENTCOM will restore service to its Twitter and YouTube accounts as quickly as possible. We are viewing this purely as a case of cybervandalism.
In the meantime, our initial assessment is that no classified information was posted and that none of the information posted came from CENTCOM’s server or social media sites. Additionally, we are notifying appropriate DoD and law enforcement authorities about the potential release of personally identifiable information and will take appropriate steps to ensure any individuals potentially affected are notified as quickly as possible.
This post has been updated.
