Cyber Incident Victim: British Army
Date: Feb 2019
Location: United Kingdom
Summary
A British Army unit responsible for social media influence operations had its Twitter account compromised by an individual exploiting an unidentified security vulnerability. The attacker, identifying as "boredbloke," renamed the account and publicly taunted official military channels before relinquishing control, highlighting difficulties in responsibly disclosing the weakness due to the absence of reporting mechanisms. The incident resulted in operational disruption and public embarrassment, with the Ministry of Defence subsequently denying the account's legitimacy while locking it to restrict public visibility. The compromise underscored systemic security gaps in the unit's digital presence despite its focus on information warfare.
Description
On February 13, 2019, an individual identifying himself as "boredbloke" gained unauthorized control of the British Army's @77th_Brigade Twitter account, which belonged to the 77th Brigade - a military unit specializing in non-lethal information operations and social media influence campaigns. The hacker discovered a security vulnerability that allowed account takeover, though specific technical details were not disclosed. His attempts to report the vulnerability through official channels were unsuccessful, owing to a lack of response mechanisms and concerns about anonymity, and he then proceeded to compromise the account. He renamed it @79th_Brigade and publicly taunted other British Army social media accounts, including labeling the unit "fun sponges" when recovery attempts began. The hacker justified his actions as a demonstration of security negligence, comparing the situation to finding an unattended running vehicle with keys in the ignition.

British Army personnel eventually regained control of the compromised account and implemented enhanced security measures, restricting visibility to followers-only. The incident exposed operational security gaps, including the absence of a vulnerability disclosure program or effective contact channels for external security reports. While no malicious content dissemination occurred beyond the name change and mocking messages, the breach created reputational challenges. The Ministry of Defence subsequently denied the existence of any official 77th Brigade social media accounts, characterizing the compromised profile as an unauthorized parody. The unit's actual composition - approximately 450 personnel focused on psychological operations and digital outreach - remained unaffected, though the incident highlighted vulnerabilities in its public-facing communications infrastructure. Boredbloke emphasized the need for formal vulnerability reporting mechanisms and business continuity planning during his communications with the military prior to account restoration.
