Pop star Britney Spears has had her Twitter account hacked. A message claiming that the star had died was posted after Britney’s Twitter account was compromised by an attack who used the third party website, TwitPic.
“Britney has passed today. It is a sad day for everyone. More news to come,” the message read.
The stunt was seen by Spears’ two million followers earlier today. The picture on Britney Spears’s TwitPic account and the fake post to Twitter have since been deleted.
“Britney’s Twitter was just hacked,” the message now reads. “The last message is obviously not true. She is fine and dandy spending a quiet day at home relaxing.”
“The millions of people who follow celebrities on Twitter have to be grateful that all they witnessed this time was a sick prank by hackers,” said Graham Cluley, senior technology consultant at IT security and control firm Sophos.
“But this kind of vulnerability goes to show how simple it can be for hackers to break into accounts.”
Cluley said that users should be careful when clicking on links in tweets, especially ones that have been hidden by link shortening services.
“This attack has demonstrated that services like TwitPic need to be doing more to protect their users,” he added.
TwitPic automatically forwards messages to the associated Twitter account and it is thought that hackers sent a message to the unique email address Britney uses to post her images. That would have involved cracking a four digit PIN code.
Following the attack on Spears’ account, TwitPic announced that it has fixed a vulnerability with its email posting functionality.