The office of Canadian Senator Amina Gerba has confirmed the Quebec parliamentarian’s account on the X/Twitter social media platform was hacked this week.
Walter Calderon, the Senator’s executive assistant, made the confirmation Wednesday in a telephone interview. It followed the disclosure of the hack on Tuesday by MalwareHunterTeam, a resource on ransomware for IT teams and security researchers.
According to MalwareHunterTeam, the account was renamed as “LFG” and — taking advantage of Gerba’s followers — was being used to promote a scam.
However, late this morning the account and its content had been restored.
Asked when Gerba knew she couldn’t get into the account, Calderon said that on Tuesday “she just realized she didn’t have access to her account. Like anyone would do, she tried her password but it didn’t work because the email was not associated with the account.”
Gerba, who had created the account herself to promote her work as a Senator, then notified the federal government’s IT department, Calderon said.
At the time he spoke to IT World Canada, he didn’t realize the account had been restored.
Calderon didn’t know if the Senator had implemented multifactor authentication to protect from login compromise.
Gerba was appointed to the Senate in 2021 by Prime Minister Justin Trudeau. She sits as an independent. She is a member of the Senate Foreign Affairs and International Trade Committee and the Human Rights Committee. She is also very actively involved in the Parliamentary Black Caucus and Senators for Climate Solutions.
This isn’t the first time a Canadian parliamentarian’s social media account was taken over.
In 2019, Twitter confirmed Senator Linda Frum’s account had been hacked. The threat actor posted racial slurs and some of Frum’s personal information, including her driver’s licence. Her access was quickly restored. In 2018, Conservative Senator Don Plett’s Twitter account was briefly taken over. Around the same time, Conservative MP Peter Ken reported he had been locked out of his Facebook and Instagram accounts.
In the U.S., Senator Joe Manchin’s social media accounts were hacked in 2018. In 2012, Senator Chuck Grassley’s Twitter account was taken over.
Suspected attackers of the social media accounts of politicians range from hacktivists to foreign governments.
X/Twitter offers this advice to users for protecting their accounts:
- use a strong password that’s not used on other websites;
- enable two-factor authentication as protection, in case an outsider is able to get hold of your username and password;
- require email and phone number confirmation from X to request a reset password link or code;
- be cautious of suspicious links that claim to send you to X/Twitter. Always make sure you’re on twitter.com before you enter your login information;
- never give your username and password out to third parties, especially those promising to get you followers, make you money, or verify you;
- Make sure your computer software, including your browser, is up-to-date with the most recent upgrades and anti-virus software.