Donald Trump Jr.’s X account was compromised on Wednesday in one of the more high-profile security lapses during Elon Musk’s ownership of the company. The account made several unusual posts, including one that falsely claimed former President Donald Trump had “passed away” and that Trump Jr. would take his place in the ongoing 2024 presidential campaign. The bogus posts were eventually deleted later in the morning.
Security at X, formerly Twitter, has always been a rocky issue — and it was a problem long before Musk took over. A massive hack in 2020 saw numerous popular accounts hijacked in an effort to push a Bitcoin scam; its perpetrators have since faced legal consequences. Earlier this year, a database posted online was claimed to contain over 200 million X usernames and email addresses. But the company pushed back on any perception that it had been hacked, saying the amassed data “could not be correlated with the previously reported incident or any data originating from an exploitation of Twitter systems.”
Ella Irwin, who had served as X’s head of trust and safety, resigned from her position in June, and layoffs at the company have cut into that division (along with many others).
In February, X announced that only Premium subscribers would be able to utilize SMS for two-factor authentication. Other customers can still take advantage of alternate two-factor methods, and if you’ve still got an account on the platform, here’s your reminder to make sure your security is up to snuff.
The FTC has ramped up privacy investigations surrounding X under its new leadership, pushing the company for answers on how it’s ensuring user data remains secure. Soon after Musk purchased what was formerly Twitter, employees raised concerns the company was at risk of violating its consent decree with the FTC and potentially being hit with massive fines.
Trump Jr. had not yet acknowledged any breach of his account as of Wednesday morning after the posts were deleted.