Kutcher's Twitter Account Hacked at TED

Charlie Sheen now holds a Guinness World Record for fastest to reach 1 million followers on Twitter, but another celebrity who made headlines for reaching 1 million followers back in 2009 might want to keep a closer eye on his account.

Twitter enthusiast and actor Ashton Kutcher, who now has almost 6.4 million followers, had his account hacked while attending the TED conference.

"Ashton, you've been Punk'd. This account is not secure. Dude, where's my SSL?" reads the most recent tweet on his account.

The hacker apparently posted another tweet that said "P.S. This is for those young protesters around the world who deserve not to have their Facebook & Twitter accounts hacked like this. #SSL" - but that has since been deleted.

The hacker was apparently trying to make a point about lax security measures on social-networking sites. As Sophos's Graham Cluley points out, "tools such as Firesheep make it child's play for anybody sitting close to you to jump onto your Facebook or Twitter session if you're using unencrypted WiFi without an SSL connection, for example at a free WiFi hotspot."

Insecure Twitter and Facebook accounts can be tempting for cybercriminals who want to take advantage of the millions of people following celebs like Kutcher, Cluley said. "We should just be grateful that on this occasion the hack appears to have taken place to promote better awareness of the need for better security, rather than with more malicious intent," Cluley wrote.

He said it would be "great" if Twitter "forced the use of HTTPS at all times."

HTTPS keeps data encrypted as it travels between your Web browser and servers and is mostly used for things like banks and credit card company Web sites. Sites that deal with sensitive personal information have typically used HTTPS during the sign-in process to protect password information and reverted back to HTTP afterwards because full encryption can sometimes slow down your experience on that site. Hotmail and Facebook have optional full HTTPS and Gmail last year implemented full-time, opt-out HTTPS.

Last week, New York Sen. Charles Schumer on Monday called on Internet companies like Amazon, Twitter, and Yahoo to encrypt their users' accounts in order to prevent hackers from gaining access to personal information over Wi-Fi networks.

In a Wednesday tweet, Twitter said "users can use Twitter via HTTPS ... We've long been working on offering HTTPS as a user setting & will share more soon."

About Our Expert

Chloe Albanesius

Executive Editor, News

My Experience

I started out covering tech policy in DC for The National Journal, where my beat included state-level tech news and all the congressional hearings and FCC meetings I could handle. I later covered Wall Street trading tech before switching gears to consumer tech. I now lead PCMag's news coverage.

My Areas of Expertise

Getting my start in DC means I still have a soft spot for tech policy; Congressional hearings can sometimes be as entertaining as a Bravo reality show, for better or worse. But PCMag is all about the technology we use every day, as well as keeping an eye out for the trends that will shape the industry in the years ahead (or flop on arrival). I've covered the rise of social media, the iOS vs. Android wars, the cord-cutting revolution that's now left us with hefty streaming bills, and the effort to stuff artificial intelligence into every product you could imagine. This job has taken me to CES in Vegas (one too many times), IFA in Berlin, and MWC in Barcelona. I also drove a Tesla 1,000 miles out west as part of our Best Mobile Networks project. Of late, my focus is on our hard-working team of reporters at PCMag, guiding and editing their robust coverage.

Read the latest from Chloe Albanesius

Read full bio