Yahoo News Twitter account posts untrue claim of Ebola outbreak in Atlanta, 145 people infected

No, it’s not true.

There isn’t an Ebola outbreak in Atlanta.

But if you were following the Twitter account of Yahoo News at 4:41 pm EST on Sunday, you might have thought it was true - for a while at least.

Here is the tweet that appeared (and has since been deleted):

Yahoo tweet about Ebola

BREAKING EBOLA OUTBREAK IN ATLANTA! Estimated 145 people infected so far since Doctors carrying the disease were flown in from Africa.

A few minutes later, everyone’s less favourite search engine tweeted a retraction:

Although many media reports have said that Yahoo News’s Twitter account was “hacked”, I personally think that’s unlikely.

Wouldn’t a genuine hacker have had more fun that simply posting one message? It wouldn’t be unusual for instance for a hacker of a Twitter account to post links to spam websites, or try to encourage followers to visit a phishing site, or post mischievous messages designed to damage the brand of the organisation that has had its social media account hacked.

And also, take a look at Yahoo’s wording. They say it was an “unauthorised tweet”, not a hack.

It sounds more to me like someone didn’t go through the proper approval process when posting that tweet (and maybe hadn’t checked their sources), or was posting a test message not realising that it would go public.

It just doesn’t smell like a hacker to me. My suspicion is that it’s someone internal to Yahoo instead.

And, if I’m right about that, Yahoo is in good company. A couple of months ago, the BBC News app found itself making the news after one of its staff didn’t realise a test message would be seen by the outside world.

Tags: , , ,

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , ,

One Response

  1. Coyote

    August 12, 2014 at 9:18 pm #

    If I didn’t have an aversion to social media I too would be ‘retweeting’ (the very idea of that sounds absurd to me… re before tweet? I admit I am cuckoo but Twitter has issues, methinks…) that too. I don’t think it is a compromised account, either. And indeed, there’s way more fun than suggesting an outbreak in Atlanta of ebola. Although… I can imagine the mass-panic from the massive believe-what-told-always masses that followed, and I can see how it would be very amusing. So amusing in fact, that several of the many dark and/or (fine, remove the or) evil demons in me is giving shrieks of laughter… But still, let’s assume they would be brave enough to admit it (yes, yes, I know it is an absurd idea. but let’s just ignore it - or consider it even, which makes it more plausible, perhaps - as only an assumption and nothing else, okay?). Yahoo cannot get their own issues straight so would they be any more capable to get things that are not ‘owned’ by them, i.e., not on their own premises, under control? Considering this, how would they even know? If they have multiple staff members with access (I’ll ignore this issue entirely…) which by itself increases risk (but again, ignoring this) then the person that posted this must feel might embarrassed at this time… and I’m sure they’re looking for the opportunity to admit to their blunder… or is that, they’re dreading that they are discovered?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.