Tonight the official, verified @PayPalUK Twitter account was hacked. The account has now been suspended, so here is a blow by blow account of what happened, complete with screenshots in their gory detail.
Approx 9.30pm: @PayPalUK Twitter account was hacked and began posting colourful Tweets, including “PAYPAL CAN FREEZE YOUR FUNDS FOR NO REASON, DO NOT USE PAYPAL!!”, “PAYPAL SUCKS – LEARN WHY AT paypalsucks.com”, and other more fiercely worded tweets. The account also began retweeting messages and complaints from other Twitter users. Around 20 Tweets were made in the space of a few minutes.
Some good Samaritans quickly came onto the scene, in the shape of @drewb and @benrmatthews (I follow Ben on Twitter, which is how I picked up on the drama as it unfolded). They alerted @jonin60seconds – head of social media at PayPal UK, who tweeted to @support for help. At this point offers of help began flooding in from other influential social media users, calling on personal contacts at Twitter to mobilise them to help stem the flood of Tweets. (For anyone looking to make friends with a Twitterer, some of the users suggested include @jas, @delbius, @katies, @jess @tonyw, @rbremer and @TonyW )
In the end, it was @delbius who came to the rescue. As you can see in the screenshots below, there were a few minutes when the @PayPalUK account displayed 0 followers, 0 following and 0 Tweets, before showing the “Account Suspended” placeholder at around 10.30pm, almost exactly an hour after the fiasco began.
@PayPal chimed in on Twitter to reassure users that only the Twitter account had been hacked, and that user’s bank details had not been compromised. A few minutes later, at around 22.35 the PayPalUK Facebook page displayed the following update: “Hi All. Tonight our PayPal UK Twitter account was hacked. We are still looking into why this happened but we can assure that our Twitter account is separate to PayPal so all your personal information stored on PayPal is as safe as it always has been.”
User responses have so far been mixed, with many users highlighting complaints and difficulties they have had with PayPal in the past, some users stating that they feel the company deserved to be hacked, and others expressing genuine concern about the safety of their data, indicating that their faith in the company and its security policies has been damaged. However, there were also messages of support from customers who were happy to hear the company’s reassurance. One user posted the following insightful message:
“Guys, seriously give them a break. As a community manager myself I can assure you their twitter account is no reflection of the security of their product. You have to be able to work within the structure and set up of the platform you use. …In this case Twitter and Facebook for a company are not that secure.”
The company’s response to this disaster has so far been fairly quick and efficient. They haven’t tried to delete criticism and they have responded quickly to the issue, stepping in to reassure users. However, the long term impact that this has will be decided by the way in which PayPal addresses the underlying security issues this event has flagged up. We’ll be keeping a close eye on things!
As of 23.50pm, the @PayPalUK account now appears to be back in the hands of its rightful owners, with the first post made reading “This account was hacked earlier. We have it in our control now. Your personal data is still 100% safe, hack occurred on Twitter not PayPal”, followed by an apology. The company account still features the retweets made by the hacker, as these cannot be deleted.