Cyber Incident Victim: Fifth Harmony

Date: Mar 2017

Location: United States of America

Summary

A Kurdish hacker using the alias "Rekan Error" defaced the official website of an American girl group, replacing its content with a Kurdish flag, their contact information, and anti-ISIS/Turkey statements. The compromised site displayed messages including "Long live to Kurdistan, Peshmerga" and explicit condemnations of both entities. The same attacker simultaneously targeted websites belonging to two other music and television personalities, deploying identical defacement pages across all victims. Fans quickly detected the breach, prompting restoration of the affected sites within hours. This incident aligns with prior defacements by Kurdish hackers protesting against ISIS and Turkish interests.

Description

On March 12, 2017, the official website of American girl group Fifth Harmony (fifthharmony.com) was compromised by a hacker using the alias "Rekan Error" while the group attended the Kids’ Choice Awards in Los Angeles. The attacker replaced the site's content with a defacement page displaying a Kurdish flag at the top, accompanied by the hacker's Gmail address and explicit political messages stating "Kurdish hacker was here… Long live to Kurdistan, Peshmerga," followed by "F**k ISIS… F**k Turkey." This intrusion occurred during a period of high visibility for the group, coinciding with their participation in a major public event. The same hacker simultaneously defaced two additional celebrity websites: that of Olympic champion and broadcaster Scott Hamilton and music artist Chelsea Bain. All three defacements featured identical content, demonstrating a coordinated attack against multiple entertainment industry targets.

Fifth Harmony's fanbase quickly detected the compromise through social media platforms like Twitter, prompting rapid awareness of the incident. Website administrators restored all affected sites within hours of the breach, though the temporary unavailability caused disruption to official communications channels. The attack leveraged high-profile domains to amplify political messaging against the Islamic State (ISIS) and the Turkish government, consistent with previous activities by Kurdish-affiliated hackers. Historical context indicates this was part of a pattern, as another Kurdish hacker known as Muhammad Emad had previously defaced the Etowah County Sheriff’s Office website and Dell subdomains in France, Ireland, and the Netherlands with similar anti-ISIS and anti-Turkey rhetoric. No data theft or persistent malware was reported, with the incident limited to temporary website defacements serving as digital protest vehicles.
