Pro-Islamic State Group Hacks US Military Twitter, YouTube Accounts

A screenshot of the U.S. Central Command's hacked Twitter account.

Twitter via Kevin Baron

AA Font size + Print

A screenshot of the U.S. Central Command's hacked Twitter account.

Twitter Jihadists rejoice as CENTCOM suffers an embarrassing day on social media. By Patrick Tucker

This story has been updated.

The Twitter and YouTube accounts for U.S. Central Command were hacked on Monday by a pro-Islamic State group for approximately 30 minutes. The so-called “Cyber Caliphate” replaced Central Command’s avatar with a picture of a masked jihadi and then posted several pictures purporting to show the capture of various important Defense Department documents.

“We can confirm that the CENTCOM Twitter and YouTube accounts were compromised earlier today,” said officials from the military command, which is based in Tampa. “We are taking appropriate measures to address the matter. We have no further information to provide at this time.”

One picture claims to display personal information (names, phone numbers, and email addresses) for United States service members. Other JPEGs uploaded to the hacked Twitter account seem to relate to Defense Department strategy and operations, including one called “the use of ISR for an AOR” referring to intelligence, surveillance and reconnaissance area of responsibility. Another appears to show sensitive planning for a potential engagement with China and another with North Korea. Outlets report that these are from MIT’s Lincoln Laboratory, a Defense Department contractor.

Shortly after the incident began, TIME reported that the documents were not classified. However, some of the documents appeared to be from password protected sites, a spokesperson from the Army’s Public Affairs Office told the site  Motherboard.

“You either need to work with the organization or you need to have a common access card…to get into those websites to gain that information,” the spokesperson told Motherboard. “You have to work with that office, and have a need for that information, to receive that information. Some of it may be personal addresses, phone numbers, information of that sort, so it’s not something that we’d make publicly available.”

CENTCOM later released a second statement confirming what many suspected: the duration of the hack was approximately 30 minutes, that operational networks were “not compromised,” that none of the released information appeared to be classified, and that none of the information was from CENTCOM servers or social media sites.

Additionally, we are notifying appropriate DoD and law enforcement authorities about the potential release of personally identifiable information and will take appropriate steps to ensure any individuals potentially affected are notified as quickly as possible,” says the statement.

Multiple videos were uploaded to CENTCOM’s YouTube account including one called “O Soldiers of Truth Go Forth,” which urges the viewer to “rally the soldiers of the Islamic State.”

Pro-Islamic State Twitter users were quick to praise the apparent hack.

Twitter did not respond immediately to comment.

Close [ x ] More from DefenseOne