Sports Minister Amélie Oudéa-Castéra’s X profile hacked

The hackers changed the minister's profile to pretend to be Priscillia Pasqualetti, an X employee.

The X account of Amélie Oudéa-Castéra,the French Minister for Sport and the Olympic and Paralympic Games, was hacked on Friday 11 May. The profile has since been restored.

“During the night from Friday to Saturday, the X account of Amélie Oudéa-Castéra was hacked, which was immediately detected”, the minister’s office confirmed to the specialist website Numerama and BFM TV.

“The ANSSI [National Agency for the Security of Information Systems] services were immediately contacted and took immediate action. The account was quickly taken over by X, which made it possible to block its activity. Access to the account by the minister and her team was quickly restored in coordination with the X and ANSSI teams,” the statement said.

Initially, changes to the profile picture and strange publications were observed. Guillermo Rauch, an American-Argentinian entrepreneur, received phishing messages on X coming from the hacked account of Amélie Oudéa-Castéra and containing malicious links.

The hackers changed the minister’s profile to pretend to be Priscillia Pasqualetti, an X employee. They then tried to trap their target by informing him in private messages that his posts did not comply with the new rules of the platform and included a link to a social media clone site to pirate them.

The minister’s account was fully restored by midday on Saturday. “Additional measures have been taken to strengthen the security of the account. An investigation is underway to determine the origin of the hacking,” the ministry told Numerama.

The site, which specialises in digital issues, lists the two most likely hypotheses for the origin of the hacking. A poorly protected account, where the hackers finally found the right combination of email and password, or a phishing lure, where the person in charge of the account entered the credentials of Amélie Oudéa-Castéra’s account after receiving a fraudulent link.

One trick to limit the possibility of such account hacking is to activate two-factor authentication. When asked by BFMTV, the minister’s office did not specify whether this had been implemented on the minister’s account.

The Paris 2024 Olympic Games are facing an unprecedented cybersecurity challenge, with enormous pressure expected this summer. The Paris 2024 organisation is working closely with the French National Agency for Information Security (ANSSI) and cyber security companies Cisco and Eviden (Atos Group) to minimise the impact of cyber attacks.



Source link