‘Compromised’ account led to ‘Asl#’ tweet: Boston police

After a mysterious bit of chatroom speak appeared on its Twitter feed, the Boston Police Department is claiming its account was “compromised.”

“Asl#” the department tweeted to its more than 300,000 followers just after 9 p.m. Monday.

The phrase, shorthand for “age/sex/location” is one chatroom users might recognize as an Internet old school (and sometimes flirtatious) way to learn background information about strangers online.

But two police spokespeople told Metro on Tuesday the tweet wasn’t a case of an accidental tweet from a BPD handle-minder, but the work of a hacker.

“We know that’s not the case,” said Officer Rachel McGuire, BPD spokeswoman. “We do believe our account was compromised and we’ve taken steps to prevent that from happening again.”

Steps include changing passwords, said Lt. Mike McCarthy, a department spokesman. He said police have not opened an investigation into what happened.

The supposed hack is a cautionary tale for Twitter users, particualrly ones operating handles as high-profile as BPD’s, experts told Metro.

“They should be happy it wasn’t worse, plain and simple,” said Robert Siciliano, Boston-based CEO of IDTheftSecurity.com. “Someone could have easily used the Boston Police Department Twitter feed and caused chaos.”

Siciliano pointed to the 2013 hack of the Twitter account run by news organization the Associated Press. In that now-infamous case, a hacker’s hoax tweet about an attack on the White House led to an online panic and stock market plunge.

The department, he said, needs to discern how the alleged breach happened: A bad wifi connection at a coffee shop? A malware infestation on an at-home PC?

Everyday Twitter users should take notice, too, said John Carroll, mass communication professor at Boston University.

“We’re finding more and more that almost no one is un-hackable,” Carroll told Metro.

As for the strange message that the supposed hackers decided to transmit to BPD’s followers, Carroll said the tweet was unusual, but might actually fit the mold of past hacks.

“Sometimes the hack is there to deliver a specific message, so you want this to come to public attention and have some specific objective,” he said. “There’s another situation where you hack someone else to show that these people can be hacked. That, in itself, is the message.”

As of noon on Wednesday, police had not tweeted anything about the alleged hack.

The department has been the target of online pranksters before.

In 2012, the department’s site BPDNews.com was the target of a hack by the group Anonymous. The site suffered a similar breach in 2006.