Some hackers took over the Chipotle Twitter account
Hackers decorated the Chipotle Twitter account with swastikas and proceeded to send out racist messages.
Chipotle is not having a good weekend. Late last night some hackers took over the Chipotle_Tweets Twitter account, and instead of singing the praises of burritos or trying to get customers to engage in some friendly social media, the account spent the night spewing racist comments across Twitter.
Last night the Chipotle logo suddenly disappeared and was replaced by a swastika. Right away, the account started tweeting racial slurs, homophobic epithets, and anti-government vitriol, sometimes all at the same time. Luckily for Chipotle, nobody seemed to think the chain was actually authoring those tweets, but several Twitter users took screenshots and made jokes about what a bad day the person who was supposed to be in charge of the company Twitter account must be having.
Alongside screenshots of the horrible tweets, posters commented:
Well @ChipotleTweets is having a bad night. pic.twitter.com/Nz8q2iAoNc
— Parker Higgins (@xor) February 8, 2015
So if you work in the media department at Chipotle, how much of a panic attack are you having right now? pic.twitter.com/uPhp0WtrxC
— emokidsloveme (@emokidsloveme) February 8, 2015
Well, I'm guessing either #Chipotle's Twitter got hacked or that guy Joe that always replies to you finally lost it. pic.twitter.com/RzeEDY3KNG
— American Moose (@originalmoose87) February 8, 2015
Chipotle seems to have gotten control of its account back in just a few minutes, because the swastika logo and the racist, homophobic, pro-Nazi tweets were promptly deleted. Once everything was back to normal, "Joe" issued an apology.
We apologize for the very offensive messages sent out from our account earlier tonight. We were unfortunately hijacked temporarily. -Joe
— Chipotle (@ChipotleTweets) February 8, 2015
According to The Daily Dot, the hacked Chipotle account linked out to two separate Twitter accounts, which presumably belonged to the hackers responsible. Both those accounts have been suspended, but before they were taken down one alleged hacker commented that he "did it for the lulz."
Chipotle Admits Its Weird Twitter Was a Marketing Stunt
Everything is a lie: Chipotle has admitted that whole Twitter hacking thing was a stunt to celebrate their 20th anniversary. (On Sunday, the burrito chain let loose a string of bizarre, vague tweets outside of their normal realm of cheery PR nonsense.) And according to Mashable, it worked: Chipotle got about 4,000 new followers the day of the stunt, as opposed to their usually 250. Hope you're ready for every single restaurant chain in the universe to pull the same thing.
The clues were there. The tweets referred Arvada, Colorado, which is a suburb of Denver and the home to Chipotle's corporate headquarters. They also brought up guacamole ingredients, which was apparently tied into some 20th anniversary game thing called : Chipotle rep Chris Arnold told Mashable it "was intended to tie into Sunday's puzzle about the ingredients Chipotle uses to make guacamole." Sure, why not.
Anyway, Chipotle is pretty pleased with itself and, because there's never enough of a good thing, they might even start selling t-shirts that say "Please Twitter end Twitter." Please Chipotle end Chipotle.
Share All sharing options for: Chipotle Is Very Sorry Its Twitter Account Got Hacked by Racists
It was quite the eventful weekend for Chipotle: The giant burrito hawker had its Twitter account hacked late Saturday night. Any of @ChipotleTweets' 600,000-plus followers who happened to be awake browsing their Twitter feeds were treated to an onslaught of all-caps tweets spewing racist insults, including one directed at President Obama, as well as anti-government sentiments and pro-Nazi statements. The hackers also changed Chipotle's profile photo to an image of a swastika.
Luckily for the beloved fast-casual chain, most of their Twitter followers instantly recognized the hateful tweets as the work of hackers and seemed to sympathize:
The PR department of Chipotle will be working overtime tomorrow. I feel for yall, I love you guys. #Chipotle #ouch pic.twitter.com/VEjvbMjuhx— Brandon McKinney (@BrandonMcKinney) February 8, 2015
When I see a brand's Twitter account gets hacked, I just feel for their social team. #Chipotle— Grace Low (@GraceofWrath) February 8, 2015
Chipotle UR not acting like urself today eat a snickers #chipotle pic.twitter.com/UTdANWgBLZ— nunya (@WhoIsSerena) February 8, 2015
The Daily Dot points out that "During the hack, Chipotle's Twitter bio was changed to point to two other accounts, presumably belonging to the hackers claiming credit for the attack," offering a screenshot of a tweet from one of the alleged hackers saying he "did it for the lulz." (Said accounts have since been suspended.) The hackers were reportedly able to gain control of the Twitter account by "compromising Chipotle's domain name system (DNS)" and redirecting emails to a different address, enabling them to reset the brand's Twitter password.
Chipotle finally regained control of its Twitter account around 4:30 a.m. EST Sunday morning. All the offending tweets were quickly deleted, followed by an official apology to its followers:
We apologize for the very offensive messages sent out from our account earlier tonight. We were unfortunately hijacked temporarily. -Joe
— Chipotle (@ChipotleTweets) February 8, 2015
While most of Chipotle's loyal fans don't seem too upset about this whole hacking incident, they would appreciate some free food:
Chipotle owes the world free burritos for those tweets. @ChipotleTweets— Willie Jones (@ThatKiddWill) February 8, 2015
Like maybe just give us all free burritos instead of use the 'n-word?' #Chipotle— Akilah Hughes (@AkilahObviously) February 8, 2015
Back in 2013 it was speculated that Chipotle's Twitter may have been hacked following a string of nonsensical tweets, but it turned out to be just a bizarre media stunt. Now that Chipotle's PR team knows the sting of a real hacking incident, it's safe to say they won't be doing that again in the future.
Eater Video Archives: 7 Signs Your Restaurant is a Sh*tshow
This Chipotle Ordering 'Hack' Has Sparked a Massive Internet Debate
We're no strangers to the fact that the hardworking men and women handing us our late-night McFlurrys and foil-wrapped burgers through drive-thru windows are a vastly underappreciated group. But one California father's recent to-go order became the plastic bendy straw that broke the fast-food worker's back. Well, all the ones on Twitter, at least.
Last week, Josh Williams, a California father of three who lives 45 minutes from his nearest Chipotle, posted a Tweet that has since sent the Internet into a burrito-filled debate&mdashone that hasn't divided us since the time we couldn't decide on the true colors of that infamous dress (it'll always be white and gold in our hearts).
To prevent his tacos from getting soggy on the journey home, Williams asked that all his ingredients be packaged separately into individual plastic containers, from grated cheese to the "you know this costs extra" guacamole.
Started asking the folks at Chipotle to individually package my ingredients so I can assemble it all at home.
Fast-food workers&mdashand the everyday Joe who has too much time on his hands&mdashimmediately chimed in, either heralding Williams as a messiah or labeling him as the hellspawn for every fast-food worker in the country.
brilliant. amazingly brilliant. this is like when I learned about well done fries at in-n-out.&mdash Tracy Pizzo Frey (@tracyfrey) July 3, 2017
HATED customers like this, F off with your extra ass man. (but in reality I was smiling and packing them ingredients #CustomerService) https://t.co/xvISNmyWso&mdash diane◡̈⃝ (@diaanemariaa) July 3, 2017
chipotle workers pretending to be chill about this pic.twitter.com/JQFdy0VREk&mdash 'Soz' Headass (@jimuyasha) July 3, 2017
Though, despite the backlash, Williams, whose face might possibly be the new wanted poster in burrito chains nationwide, is admittedly being a good sport.
I've learned a lot today folks. Top 3:
1. Chipotle Twitter is lit
2. I am what the kids call "extra af"
3. Line workers deserve more tips
Moral of the story? You never know which of your dinners you post to social media will go viral. Oh, and be sure to treat those fast-food workers extra nicely.
Are you for or against this fast-food hack? Tell us what you think in the comments below.
This Chipotle &lsquoHack&rsquo Won&rsquot Make You Any Friends Behind the Counter
You&rsquoll probably receive some extra side-eye with your order.
Diners are more enamored with delivery and take-out food than ever before. But though these options have their advantages, some parts of dining-in can’t be replicated. Like food integrity: At a restaurant, the food is served exactly as it’s supposed to be eaten after a 45 minute trip home bouncing around and cooling down in your car, not so much.
Twitter user Josh Williams thought he had found a solution to this problem – at least when it came to ordering to-go at Chipotle – and over the weekend, he shared this “hack.” “Started asking the folks at Chipotle to individually package my ingredients so I can assemble it all at home,” he wrote, accompanied by a photo of a bag full of tiny plastic cups filled with ingredients. 𠇊m I weird? Or brilliant?”
To be fair, he posed the question, and Twitter quickly answered. Some people appreciated his efforts, especially after he explained how he had to get the grub back to his kids at home. “I live 45 minutes from Chipotle now,” he later wrote. “If I take it home assembled, it gets cold and soggy.” But in general, Twitter’s sentiment was that he was neither brilliant, nor weird, but instead, he was just every quick-service employee’s nightmare. 𠇍on&apost be this guy,” one user responded, in a tweet that racked up a lot of likes 𠇌hipotle employees already slave away to long lines & a fast pace and you making them do this. You&aposre cruel.”
Plenty of people agreed, including some users claiming to be current and former Chipotle employees. Yes, chains like Chipotle often maintain a 𠇌ustomer is always right” mentality, but the customer can have a heart too. In fact, when asked for comment, Chipotle even hinted at this idea. “We always want for our guests to enjoy their experience at our restaurants, and our restaurant teams are trained to accommodate special requests, within reason, as best they can,” the burrito chain told Munchies – leaving that “within reason” very open for interpretation.
Of course, beyond caring for the employees, other concerns pop up as well. All those tiny cups create extra waste. Or if all you want is ingredients, why not just head to the grocery store and make burritos at home? In the end, Williams summed up his whole Twitter experience thusly: 𠇁. Chipotle Twitter is lit 2. I am what the kids call "extra af" 3. Line workers deserve more tips.” Our takeaway: If you can’t stand the heat, don’t tweet what’s coming out of the kitchen.
Men in St. Paul Chipotle viral video sue restaurant chain for discrimination, 'smear campaign'
ST. PAUL, Minn. (FOX 9) - Five young black men who posted a video of their confrontation with a manager at Chipotle in St. Paul, Minnesota last year are now suing the national restaurant chain for discrimination.
The federal lawsuit, filed Friday, also alleges Chipotle engaged in a “smear campaign” against the men. The group is seeking financial damages for the alleged “humiliation, embarrassment, emotional distress and mental anguish” they have endured because of the incident.
The alleged incident took place on Nov. 15, 2018 at the Chipotle on Grand Avenue. In the video, which went viral shortly after it was posted to Twitter, the service manager accuses the group of dining and dashing and tells them they have to prepay for their food, saying, “You got to pay because you never have money when you come in here.”
Chipotle fired the service manager after the video circulated, then offered her the job back.
The lawsuit claims Chipotle reversed its decision to fire the service manager after tweets attributed to the member of the group who posted the video surfaced in the media, allegedly alluding to a history of dining and dashing.
The lawsuit claims the tweets were falsely attributed to the man and that none of the other members of the group posted them, either.
For several days after, the man reportedly received numerous death threats on Twitter as well as other tweets containing racist epithets.
The lawsuit also cites an investigation by the St. Paul Department of Human Rights that found a “preponderance of evidence” suggesting Chipotle discriminated against the group of men.
In its response to the lawsuit, Chipotle denied the majority of allegations, including the suggestion that the restaurant chain hacked into a member of the group’s Twitter account and posted the tweets about dining and dashing, calling it “patently ridiculous.”
Twitter CEO Jack Dorsey’s account hacked, racist tweets posted
San Francisco: Twitter said Friday the account of chief executive Jack Dorsey had been "compromised" after a series of erratic and offensive messages were posted.
The tweets containing racial slurs and suggestions about a bomb showed up around 2000 GMT on the @jack account of the founder of the short messaging service before being deleted.
Some of the tweets contained the hashtag #ChucklingSquad which was believed to indicate the identity of the hacker group.
The messages contained racial epithets, and included a retweet of a message supporting Nazi Germany.
"We're aware that @jack was compromised and investigating what happened," a Twitter spokesperson said.
A barrage of comments fired off on the platform questioned why the Twitter o-founder didn't secure his account with two-factor authentication, and how disturbing a sign it was that the service wasn't to keep its own chief safe on the platform.
"If you can't protect Jack, you can't protect. jack," one Twitter user quipped. The news comes with Dorsey and Twitter moving aggressively to clean up offensive and inappropriate content as part of a focus on "safety."
Twitter CEO Jack Dorsey says his company's efforts to stop online abuse have been a 'huge fail'.
"This might be the only way to get rid of racist tweets on this platform," a Twitter user commented. Twitter recently announced they would meet with Manchester United representatives regarding calls for more to be done in preventing racist abuse of footballers on social media platforms.
British-based security consultant Graham Cluley said the incident highlighted the importance of two-factor authentication, where a user must confirm the account via an external service.
"Everyone should ensure they have 2FA enabled, use unique password, and double check what apps they've linked to their accounts," Cluley tweeted.
"Hard to say at moment how he was compromised, but one of those reasons most likely."
Cybersecurity researcher Kevin Beaumont said the account appeared to have been hijacked "via a third party called Cloudhopper, which Twitter acquired about 10 years ago and had access to his account."
Cloudhopper enables users to send tweets on their phones via SMS. The incident raised fresh concerns about how social media users -- even prominent ones -- can have their accounts compromised and used for misinformation, a point highlighted by Canadian member of parliament Michelle Rempel Garner.
"Between bots, trolls and abuse, I've been skeptical about @Twitter as a viable platform for some time now," Rempel Garner wrote.
"But the fact it took the platform's owner (@jack) about 30 min to get his hacked account under control is deeply problematic, and makes me worry as an elected official."
SUBSCRIBE NOW Daily News
An internal investigation into the hacked Twitter accounts of high-profile celebrities, billionaires and politicians Wednesday revealed that the social media company’s own tools were used to carry it out.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter Support tweeted Wednesday evening. “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.”
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.&mdash Twitter Support (@TwitterSupport) July 16, 2020
Earlier in the day, tweets encouraging donations with a link to the same bitcoin address were sent from the official Twitter accounts of former President Barack Obama, Democratic presidential front-runner Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked. The fake tweets tweets offered to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.
There is no evidence that the owners of these accounts were targeted themselves. Instead, the hacks appeared designed to lure their Twitter followers into sending money to an anonymous Bitcoin account. The Biden campaign, for instance, said that Twitter’s integrity team “locked down the account within a few minutes of the breach and removed the related tweet.”
Obama’s office had no immediate comment. The FBI said it was aware of Twitter’s security breach, but declined further comment.
In a tweet, Twitter noted that it was aware of a “security incident impacting accounts on Twitter.” The San Francisco company said it is investigating and promised an update shortly. It did not reply immediately to requests for comment.
The apparently fake tweets were all quickly deleted, although The Associated Press was able to capture screenshots of several before they disappeared. The security problem was severe enough for Twitter to warn that many of its more than 166 million daily users might be unable to tweet or reset their passwords while the company tried to lock things down.
Among the political figures targeted, the hack mostly appeared to target Democrats or other figures on the left, drawing comparisons to the 2016 campaign. U.S. intelligence agencies established that Russia engaged in coordinated attempts to interfere in those U.S. elections through social media tampering and various hacks, including targeting the various campaigns and major party organizations.
The hack might also be a simple demonstration of Twitter’s weak security controls as the U.S. heads into the 2020 presidential election, a contest in which the service is likely to play an influential role.
The Bitcoin account mentioned in the fake tweets appears to have been created on Wednesday. By the end of the day, it had received almost 12.9 bitcoins, an amount currently valued at slightly more than $114,000. At some point during the day, roughly half that sum in bitcoin was withdrawn from the account.
Bezos, Gates and Musk are among the 10 richest people in the world, with tens of millions of followers on Twitter. The three men are worth a combined $362 billion, according to the latest calculations by Forbes magazine.
The same bogus offer cropped up a second time on Musk’s account, which has a history of sometimes befuddling tweets from the eccentric billionaire. Tesla didn’t immediately respond to a request for comment.
Gates, who has become one of the world’s leading philanthropists since stepping down as Microsoft CEO, confirmed the tweet wasn’t from him. “This appears to be part of a larger issue that Twitter is facing,” a spokesperson for the billionaire said in a statement.
This is hardly the first time hackers have created mischief on Twitter. Just last year, the account of Twitter CEO Jack Dorsey was broken into a nd used to tweet racist and vulgar comments.
The latest security breach prompted Sen. Josh Hawley, a Missouri Republican, to send a letter to Dorsey urging him to work with the FBI and the Justice Department on ways to improve Twitter’s security.
“A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security,” Hawley wrote.
Investors also appeared to be concerned about potential fallout from the hack affecting Twitter’s usage. Twitter’s shares fell 3% in extended trading after news of the hack broke.
Chipotle rehires manager who asked African American men to prepay for burritos
“You got to pay because you never have money when you come in here,” a manager of a Chipotle in St. Paul, Minn., told a group of young African American men in a video one of them posted to Twitter on Friday, and the exchange only got testier from there: “We got no money? That’s racist!” one man says, as the manager explains that they have to prepay for their burritos. “I might just run off with my food today, bro,” another says. “She’s making crazy accusations.”
A white customer got his order, and the group erupted. “Why did he not have to pay before?” a number of the men said.
After the video was posted to Twitter, launching a conversation about implicit bias and the challenges of merely existing in public spaces while being black, the manager was fired. Chipotle announced that it would retrain its employees to prevent further incidents.
But the company now says it has rehired the manager based on “additional information” that has come to light.
“We have spent the last few days reviewing the evidence available to us regarding the incident in St. Paul, MN. Based on our review, we have offered our manager her job back. While our normal protocol was not followed serving these customers, we publicly apologize to our manager for being put in this position,” said Laurie Schalow, Chipotle’s chief communications officer, in an email to The Post. “We will work to continue to ensure that we support a respectful workplace for our employees and our customers alike. Our policy is to treat our customers and employees fairly and with respect at all times and under any circumstances. We will work with all our restaurant teams to ensure they are prepared to handle situations of this kind and know they have our full support. We are committed to doing the right thing and acting in a manner consistent with a thoughtful, fact-driven approach.”
The St. Paul Pioneer Press reported that Masud Ali, the man who posted the video, had also tweeted multiple times about dining and dashing at Chipotle and other restaurants. Several of those tweets were found by other Twitter users.
Hackers Tweeted Racial Slurs From Twitter CEO Jack Dorsey’s Account
The official Twitter account of Jack Dorsey, the CEO of the social media platform, was hacked on Friday and used to broadcast racial slurs and a bomb threat.
Shortly before 1 p.m. in San Francisco on Friday, Dorsey's @jack account tweeted a link to a Discord chat and RT'd a series of tweets, including one that read, "follow me i am jacks daddy." The account also tweeted a string of racist slurs and a bomb threat directed at Twitter's headquarters. The tweets were removed within about 20 minutes of publication.
"The phone number associated with the account was compromised due to a security oversight by the mobile provider," a company spokesperson said in a statement. "This allowed an unauthorized person to compose and send tweets via text message from the phone number. That issue is now resolved."
A source familiar with the situation confirmed that Dorsey had been "SIM swapped," or a process in which a hacker takes over a victim’s mobile phone number, and with that cellular account access, gains controls to applications connected to the phone number. This can happen if a hacker uses some personal information about a person — like the last four digits of a Social Security number, a credit card number, or even a fake ID — and calls the victim’s carrier’s customer service to move a mobile account over to another SIM card.
A Twitter spokesperson would not confirm if that was the case and did not say which mobile carrier Dorsey employed. They also didn't comment on the Twitter CEO's whereabouts. When asked if the hackers had further access to Dorsey's account like his direct messages, the spokesperson declined to comment.
Discord, a messaging app that's popular with gamers, took down the server hosting the chat tweeted by the @jack account. Before the server was taken down, BuzzFeed News discovered discussions suggesting the hackers might target President Donald Trump's account next.
Dorsey's hacked tweets were posted to Twitter through an app called Cloudhopper, which was acquired by Twitter in 2010 and enables SMS-based tweeting.
The incident is a humiliating blow for Twitter, which has long struggled to police hate and abuse on its platform. In 2017, the company beefed up its login verification, adding the ability to add an authenticator app, in addition to SMS text messages, as an extra layer of security in order to mitigate hacked accounts on the platform.
Friday's incident reminded some of a November 2017 incident in which a disgruntled Twitter contractor took Trump's account offline for 11 minutes. That contractor, who had been at Twitter for four months, had the tools to unilaterally deactivate one of the most followed accounts on the service, leading some to question the security protocols in place at Twitter headquarters.
A former Twitter employee, who spoke to BuzzFeed News under the condition of anonymity for fear of retribution, called the incident "extra brutal" for the company given that it appears it was attacked using its own product, Cloudhopper. That person recalled that Twitter acquired Cloudhopper in 2010 because of ballooning SMS costs.
It's also a black eye for Dorsey, who has shunned efforts to better secure him and his devices, according to the source. The person recalled that Dorsey, who prefers to do the majority of his work from his iPhone, rejected a more secure laptop to work from by Twitter's security team. Part of the reason, the person said, was that Twitter's CEO did not like to carry items with him during his long walks.
A different former employee noted that "exec account security used to be a disaster." That person recalled how security managers often complained about how few Twitter executives used two-factor authentication.
A Twitter spokesperson declined to comment on Dorsey's security measures.
This also wasn't the first time that Dorsey's account has been compromised. In July 2016, a hacker collective known was OurMine was able to post from his account by taking over a Vine account that was linked to Dorsey's Twitter. Vine, a short video sharing service, was bought by Twitter in 2012 before it was shuttered in late 2016.
Tess Russell, a product manager at Vine at the time, said that while the messages that OurMine posted at the time were innocuous — the group simply noted they were testing the Twitter CEO's security — it was a wake up call for people at the company.
"It showed that even [Dorsey] was vulnerable," she said. In meetings discussing what happened after the incident, she recalled managers telling employees to revoke access to apps they were no longer using and to keep passwords to company standards.
Friday's incident, she said, seemed like "a relatively similar situation" where hackers used a different service to access and post from his Twitter account.
"That's the whale," Russell said, noting that hackers were probably look to inflict embarrassment and confusion. "That's the gold."