US-based Mexican restaurant chain Chipotle apologised on Sunday morning after its Twitter account was hacked by intruders who used it to post racist and offensive messages targeting the US government and government agencies.
The hack occurred late on Saturday, and lasted only a few minutes before the company was able to regain control, according to reports and to the accounts of other Twitter
However, within that time the hackers replaced the company’s logo with a swastika and posted a string of messages that were widely circulated across the social media service.
“So if you work in the media department at Chipotle, how much of a panic attack are you having right now?” one user wrote.
The company apologised in a Twitter message shortly after retaking control of the account. “We apologise for the nature of the posts that were made during that time, and we are now conducting an investigation to try to determine what happened and who might have been involved,” a company spokesman stated.
The attackers appear to have hijacked a Domain Name System (DNS) record that maps a company’s domain name to a specific IP address, allowing them to reroute Chipotle’s web and email traffic to their own servers, according to DNS records posted online.
They then would have been able to request a password reset message for the Twitter account, which would have been sent to an email address under their control.
The DNS compromise was also used to redirect requests for Chipotle’s web page to the Twitter profile of the user who claimed responsibility for the hack, and which has now been disabled.
Before the account was removed, the user wrote that he had carried out the attack “for the lulz”.
Such a hack would not have affected the integrity of Chipotle’s own servers.
The DNS is the Internet-wide system that translates human-readable web addresses into numeric Internet Protocol locations.
Chipotle is known for its social media-based promotions, one of which, in 2013, ironically included a faked hack of its Twitter account.
Are you a security pro? Try our quiz!
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…