LONDON - Hundreds of Twitter accounts, including the Colorado Springs Fire Department's, were hijacked amid the ongoing diplomatic feud between Turkey and Germany and the Netherlands.
It's not clear how many accounts were taken over late Tuesday but the targets ranged from celebrities to sports organizations to government agencies.
"This is a small Ottoman slap," the swastika-studded messages read in part, blasting "Nazi Germany" and "Nazi Holland."
The single tweet also made its way to the Colorado Springs Fire Department's public information officer's Twitter page.
It led with a swastika and referenced April 16th, the day Turkey is set to hold a referendum on replacing its parliamentary system with a stronger executive presidency. The profile and cover photos also were changed to show an Ottoman Empire badge and Turkey's flag.
The local hack was first reported by Channel 13, which captured a screen shot of the tweet.
Forbes, UNICEF, Duke University, Amnesty International and Starbucks Argentina also were among those who appear to have had their Twitter accounts hijacked. Tennis star Boris Becker and the official account of soccer club Borussia Dortmund were also taken over, according to German news agency dpa.
"My Twitter account was hacked !!!" Becker said in a follow-up tweet . "I never posted this as I obviously don't speak Turkish ..."
The Fire Department was able to take back its account around 7 a.m. Wednesday, and most, if not all, high-profile accounts appear to have since returned to normal.
"Our passwords are changed and the city is working on it as a cybersecurity and IT issue," fire spokesman Capt. Steve Wilch said.
The Twitter hijackings are the latest in a campaign of online vandalism that has followed from days of escalating tensions between Turkey and its European partners. Politicians from Turkey's ruling party have demanded to campaign in Europe ahead of their country's constitutional referendum. The demands have met with refusals and controversy, which has devolved into angry nationalist chest-thumping, a display mirrored online by a campaign of low-level web defacements.
On Monday, several hundred websites were hit at a single Dutch internet hosting provider, Versio, according to an employee who posted a message to the company's help forum.
The mass hijack appears to have been the result of a weakness in a third-party social media management program, Twitter Counter, which is based out of Amsterdam. Twitter Counter CEO Omer Gidor said in an email that the company was investigating the matter.
"We've already taken measures to contain such abuse of our users' accounts, assuming it is indeed done using our system," he said in an email. Neither he nor Twitter could say how many people were affected.
Twitter said it has revoked access to block the app.
Security experts said that the hijack showed the danger of handing over social media accounts to third parties, a move typically taken by companies juggling several personas online.
Colorado Springs' National Cybersecurity Center CEO Ed Rios said these type of hacks are possible because of permissions users grant when downloading applications.
The apps often ask users if they can access their contacts, photos and sometimes social media accounts, like Twitter and Facebook, and people typically tap yes without thinking "because if they say no they app doesn't work," Rios said. But when granted, the "handshake" agreement, so to speak sometimes can give hackers easy access to personal information, he said.
"If anything happens in that app, it extends to anything that touches it," Rios explained.
Rios recommends users download a malware protection app, like Norton or McAfee, which alert to potential threats before access is granted. NCC also holds training on how best to protect against hackers.
It's not clear who is behind the latest round of hijackings.
A Turkish group calling itself Private Hackers, who've claimed responsibility for the earlier defacement campaign, has so far not returned emails from The Associated Press. A number listed by the group in its internet registry records appeared to be out of service.
Reporter Kaitlin Durbin contributed.
Contact Kaitlin Durbin: 636-0362
Facebook: Kaitlin Durbin