'White House explosions' Twitter hoax shakes US markets
False alarm ... the tweet from a hacked Associate Press account.
Hackers took control of the Associated Press Twitter account on Tuesday and sent a false tweet of two explosions in the White House that briefly shook US financial markets.
In the latest high-profile hacking incident involving social media service Twitter, an official @AP account reported that explosions at the White House injured President Barack Obama. AP spokesman Paul Colford quickly confirmed the tweet was "bogus".
White House spokesman Jay Carney told reporters that Obama was fine soon after the tweet went out a little after 1pm US EDT on Tuesday (3am Wednesday AEST).
But within three minutes of the tweet's release, virtually all US markets took a plunge on the false news in what one trader described as "pure chaos".
Reuters data showed the tweet briefly wiped out $US136.5 billion of the S&P 500 index's value before markets recovered. Some traders attributed the sharp fall and bounce-back to automatic electronic trading.
The US Securities and Exchange Commission (SEC) is looking into the bogus tweet and its impact on the markets, said SEC commissioner Daniel Gallagher.
"I can't tell you exactly what the facts are at this point or what we are looking for, but for sure we want to understand major swings like that, however short it was," Gallagher said.
At a time when cyber security and hacking have become top security concerns around the world, Twitter and its reach to hundreds of millions of users is coming under growing scrutiny for the risk of privacy breaches on the site.
A group calling itself the Syrian Electronic Army, which is supportive of that country's leader, Bashar Al-Assad, on Tuesday claimed responsibility on its own Twitter feed for the AP hack.
Both the @AP and @AP_Mobile Twitter accounts were suspended shortly after the fake tweet, and the news organisation later reported that the tweet came after hackers made repeated attempts to steal the passwords of AP journalists.
A Twitter spokesman declined to comment on the AP breach, saying the company does not comment "on individual accounts for privacy and security reasons". An FBI representative had no immediate comment on the AP hacking incident.
"There's plenty of blame to go around," said Stewart Baker, a cyber security lawyer at Steptoe & Johnson. "AP should have had better passwords, Twitter should have gone to at least optional two-factor authentication months ago, and guys on the Street really should be thinking twice before they trade on Twitter reports. That's risky."
For years, security experts have called on Twitter to introduce a two-factor authentication measure, which requires a two-step process to log in and which they say would greatly reduce such breaches. Social network Facebook and services from internet giant Google already offer such a service.
In recent months, Twitter has hired security experts and posted job listings for software engineers, who could help the company roll out two-factor authentication.
The AP is the latest media organisation to come under siege from hackers in a spate of incidents over the past several months. The New York Times, The Wall Street Journal and CNN said their systems were hacked, prompting the White House and lawmakers to push through legislation designed to help better defend against cyber attacks.
Bloomberg's professional trading platform started incorporating tweets earlier this year. On Tuesday, spokeswoman Sabrina Briefel said the fake tweet did appear on the Bloomberg terminal. She said the company was not reconsidering its decision to include tweets.