The US Justice Department has charged three people for their alleged role in the Twitter hacking incident last month that targeted the accounts of many celebrities, including Barack Obama, Joe Biden, Elon Musk and Bill Gates.
In a statement, Attorney David Anderson said the individuals charged in the case include Nima Fazeli, 22, from Orlando, Florida; Mason John Sheppard, 19, from the UK; and Graham Ivan Clark, 17, also from Florida.
Clark, a minor, was arrested at his apartment in Tampa on Friday. The UK's National Crime Agency (NCA) also confirmed last week that it had searched a property in Bognor Regis with police while looking for Mason "Chaewon" Sheppard.
Florida State Attorney Andrew Warren said that his office was handling the prosecution because Florida law offers greater flexibility to charge a minor in a case like this.
Clark, who is said to be the 'mastermind' behind the case, faces 30 felony charges, including 17 counts of communication fraud, 10 counts of fraudulent use of personal information, one count of organised fraud (over $50,000), one count of unauthorised access to electronic devices and one count of fraudulent use of personal information (over $100,000 or 30 or more victims).
"This was not an ordinary 17-year-old," Mr. Warren said.
According to investigators, Nima "Rolex" Fazeli and Sheppard assisted Clark in the hack.
Fazeli has been charged with aiding and abetting intentional and unauthorised access to a protected computer, while Sheppard is charged with money laundering, conspiracy to commit wire fraud and unauthorised access to a computer.
According to court documents, Clark contacted a Twitter employee over the phone and convinced the employee that Clark was a co-worker from the technology department who needed the employee's credentials to access the customer service portal.
After gaining those credentials, the hackers used them to gain access to Twitter's internal system, which eventually allowed them to reset the passwords of Twitter users.
By the time Twitter noticed the attack and managed to stop it, the hackers had broken into nearly 130 accounts, using 45 of them, including the accounts of Barack Obama, Joe Biden, Jeff Bezos, Bill Gates and Elon Musk, to post Tweets.
The attackers also downloaded historical and personal data from seven accounts and accessed the direct message inboxes of 36 accounts.
Tweets from some accounts promised to double the amount of Bitcoin that users sent to a specific address.
"Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes," Twitter said in a blog post last week.
"This knowledge then enabled them to target additional employees who did have access to our account support tools."
Despite the sophistication of the attack, the hackers left several hints about their real identities, such as failing to hide the money they had made in the hack. These errors enabled law enforcement agencies to track them down in just two weeks.
"We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses," Twitter said in a statement.
"For our part, we are focused on being transparent and providing updates regularly," it added.
Twitter also said that it was taking steps to improve methods for detecting and preventing unauthorised access to the company's internal systems and also prioritising security work across many of its teams.