Twitter hacker pleads guilty, sentenced to 3 years

Prosecutors touted the plea deal as a chance for Graham Ivan Clark to mend his ways.
(Photo by LIONEL BONAVENTURE/AFP via Getty Images)

A Florida teenager has admitted to orchestrating the hijacking of celebrity Twitter accounts last year as part of a plea deal that will see him serve three years in a juvenile facility, prosecutors said Tuesday.

Graham Ivan Clark, 18, admitted to being behind a scheme that saw him steal more than $117,000 by taking over the Twitter accounts of numerous public figures and then blasted out tweets promoting cryptocurrency, according to prosecutors in Hillsborough County, Fla. More than 100 high profile people, from Microsoft founder Bill Gates to former president Barack Obama, had their accounts targeted in an incident that exposed glaring vulnerabilities in Twitter’s security protocols.

Clark was 17 when he was arrested, and prosecutors touted the plea deal as a chance for him to mend his ways. The agreement includes three years of supervised release.

Clark pleaded guilty to obtaining unauthorized access to a computer, and to numerous counts of communications fraud and fraudulent use of personal information. An attorney for Clark could not be reached for comment on Tuesday.


U.S. prosecutors have also charged a 19-year-old man living in the U.K. and another Florida man in connection with the breach.

Twitter came under scrutiny for its security practices following the breach, with critics warning that an attacker with different intent could have used the access to sow disinformation ahead of the 2020 election.

An investigation by the New York’s Department of Financial Services found that the perpetrators of the breach posed as customer support, tricking Twitter employees into handing over their login credentials. Twitter has since beefed up its security and hired Rinki Seth, a former IBM executive, as chief information security officer.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts