Three people, including a 17-year-old Tampa teen, face charges linked to the largest breach ever on Twitter, affecting the accounts of verified figures including Bill Gates and former President Barack Obama.
In a statement released Friday, the Hillsborough State Attorney’s Office in Florida said the teen was the “mastermind” behind the hack, which involved posting messages on high-profile Twitter accounts soliciting bitcoin.
The teen faces 30 felony counts including 17 counts of communications fraud, organized fraud and fraudulent use of personal information. The teen was arrested on Friday, said the attorney’s office, and has been charged as an adult.
“These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here,” said Hillsborough State Attorney Andrew Warren in a statement. “This ‘Bit-Con’ was designed to steal money from regular Americans from all over the country, including here in Florida.”
Two other individuals have been charged for alleged roles in the incident, said the Justice Department in a statement Friday.
Mason Sheppard, 19, of Bognor Regis in the United Kingdom, faces multiple charges including conspiracy to commit wire fraud, and the intentional access of a protected computer, said DOJ.
Also charged was 22-year-old Nima Fazeli of Orlando, for allegedly aiding and abetting the intentional access of a protected computer.
“There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” said U.S. Attorney David L. Anderson in a statement. “Today’s charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived.”
In a separate statement Friday, Twitter praised the “swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses.”
Earlier this month, several big-name accounts belonging to Amazon CEO Jeff Bezos, Democratic presidential candidate Joe Biden, and others were compromised, displaying messages to send bitcoin. The scheme netted more than $100,000 in less than an hour.
On Thursday, Twitter said the hack was a “social engineering” ploy targeting a small number of employees through a phone spear phishing attack.
Spear-phishing is a more targeted version of phishing, an impersonation scam that uses email or other electronic communications to deceive recipients into handing over sensitive information.
“Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes,” said Twitter. “This knowledge then enabled them to target additional employees who did have access to our account support tools.”
The Associated Press contributed to this report. Follow Brett Molina on Twitter: @brettmolina23.