Dutch prosecutors have confirmed that President Donald Trump’s Twitter account was indeed hacked by a so-called “ethical hacker” who didn’t have to work too hard to guess Trump’s password: “maga2020!”
In November, Victor Gevers, a Dutch security expert, cooperated with investigators from the Dutch Public Prosecution Service and freely released information and screenshots about the Oct. 16 hack.
“He … stated to police that he had investigated the strength of the password because there were major interests involved if this Twitter account could be taken over so shortly before the presidential election,” Dutch authorities told the BBC on Wednesday. Hacking is a criminal offense in the Netherlands. Still, Gevers will not be prosecuted for his actions — likely because, after initiating the hack, he tried to contact U.S. authorities and offered advice on how to make Trump’s account more secure.
“The Public Prosecution Service believes the hacker has actually penetrated Trump’s Twitter account but has met the criteria that have been developed in case law to go free as an ethical hacker,” the service said in a statement.
Gevers said in October that he guessed Trump’s password on his fifth attempt. Gevers told De Volkskrant that he had logged into Trump’s account once before, in 2016, after thinking the password “your fired” and was acting with good intentions to test the security of verified Twitter accounts.
Once Gevers accessed the account with relatively little trouble, he reportedly contacted the Trump campaign team. He suggested it enable two-factor authentication and change the password to something more complex, like “! IWillMakeAmericaGreatAgain2020 !”
Two-factor authentication was enabled the following day, Gevers said. Trump’s team initially failed to answer Gevers, but Secret Service officials eventually thanked him for exposing the vulnerability.