OurMine hackers attack and takeover NFL Twitter accounts
The hacker group posted messages claiming "everything is hackable"
The social media accounts for 15 NFL teams have been hacked by a group called OurMine which claims its cyber security advice was ignored ahead of the hack.
Twitter and Instagram accounts for teams such as the San Francisco 49ers and the Greenbay Packers were accessed by a third-party with strange posts popping up on Monday morning.
The official Twitter account for the league was also hacked with OurMine claiming responsibility in a post that has been since been deleted.
"Hi, we're Back (OurMine). We are here to show people that everything is hackable," the tweet said.
OurMine, which is reportedly based in Dubai, told the BBC that it had contacted the NFL before its cyber attack to offer services to improve its security but received no response.
One of the first teams to be hacked was the Chicago Bears. The franchise's Twitter account posted a message claiming it had been sold to a Saudi Arabian account.
The group followed up with the same tweet announcing OurMine was back and that everything is "hackable".
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"Just kidding," the tweet read. "We are here for 2 things: 1) announce that we are back 2) Show people that everything is hackable."
A fan account for the Detroit Lions messaged the Bears jokingly asking for a player trade and the hackers messaged back.
The Bears account was back under control on Monday night, as it posted: "Apologies that our account was compromised this morning. We're back in the game & ready for the Pro Bowl."
A Twitter spokesperson confirmed the accounts had been hacked: "As soon as we were made aware of the issue, we locked the compromised accounts and we are currently investigating the situation."
Robert Ramsden-Board, VP of EMEA at Securonix, noted that cyber criminals are increasingly targeting high-profile social media accounts.
"In this instance, compromising NFL accounts with a high following, the hackers were able to generate buzz and cultivate a large following," he siad. "Organisations like the NFL should tighten up on their security controls, including social media accounts, especially around significant events - you can bet hackers and those looking to make mischief will also have these dates in their calendars."
IT Pro has contacted the NFL for comment.
Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.
Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.