In a city the size of Tampa, how could the mayor’s account have been so vulnerable?

TAMPA, Fla. — An investigation is underway and the City of Tampa is reviewing its cybersecurity vulnerabilities after someone hacked into Mayor Bob Buckhorn‘s personal Twitter account early Thursday.

The posts, which included racist, pornographic and possibly dangerous messages, raised questions about how it could have happened and why it took the city as long as it did to react.

“We are still working to figure out who did it,” said Tampa police spokesman Steve Hegarty, “But the stuff has been taken down.”

The posts included threats of a bomb at Tampa International Airport and an incoming ballistic missile strike.

In a city the size of Tampa, how could the mayor’s account have been so vulnerable?

“This is the first time that something like that has happened to us,” said Communications Director Ashley Bauman. “You know, government and public figures get hacked daily. So, we’re going to look at the best practices moving forward.”

Buckhorn was out of town on a hunting trip when the hack took place.

Bauman says it was the mayor’s personal Twitter account that was compromised, not an official city account.

Still, what happens on the Buckhorn’s Twitter feed automatically ends up on the city of Tampa’s website through what’s called an RSS feed.

Those kinds of messages can be taken down in minutes. But the vile, threatening posts made using Buckhorn‘s Twitter account remained on the city’s official website for hours.

“Our security is different than our social media monitoring,” said Bauman. “There is a chance that we might look into a person that monitors social media 24/7, but that’s a staffing issue.”

For now, the city of Tampa has just three people on its social media team. Not one of them works overnights.

The early morning hour of the attack, says Bauman, likely delayed their response, “I would say probably about two hours.”

Tampa is also home to MacDill Air Force Base, as well as the military’s central and Southern Command. So, missile threats are serious business.

“We’ve been in contact with the FBI,” said Hegarty, “And they are willing to help out in any way they can.”

Tampa police say there’s no evidence any other accounts linked to the city have been compromised.

But on Thursday, anyone with ties to Tampa’s social media network was being told to change their passwords and implement a two-step verification process.

While many would consider that a basic safety measure in this day and age, apparently it was not in place. Now it will be.

“There’s people that can hack into, you know, high-level websites with little or no effort,” said Councilman Luis Viera, “So, as a city, we need to do be doing a better job of monitoring that, clearly.”

Tampa police thinks the hacker or hackers targeted Mayor Buckhorn‘s account because he has a large number of followers, and their messages would be seen by a lot of people.

By our calculations, it took nearly four hours for Tampa to get that info off the city site. And took six hours and 18 minutes to remove it from Twitter.

What other people are reading right now:

►Make it easy to keep up-to-date with more stories like this. Download the 10News app now.