Hackers Label Trump a ‘Shape-Shifting Lizard’ on Billboard, Overthrow North Korean Facebook Knockoff, and Steal NFL Players' Medical Evaluations

In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches:

Texas Trump Opponents Have Fun with Insecure Road Sign

The same digital billboard in Dallas was changed twice in less than 48 hours by a person not employed by the Texas Department of Transportation.

Over Memorial Day weekend, the sign, located along westbound Interstate-30 at Cockrell Hill Road, read, “Party Hardy Yall!”

On Monday, the vandalism was deleted. The local government, at the time, said it took measures to secure the sign.

Apparently, the added protections weren’t strong enough.

On either Memorial Day or early Tuesday, the hacker(s) struck again.

This time, they smacked down GOP presidential frontrunner Donald Trump and championed Democratic contender Bernie Sanders. The messages were spread across multiple signs. The first called Trump a “Shape Shifting Lizard.”

The second billboard said, “Bernie For President.”

The perpetrator would have had to cut a lock off a box and reset the signs’ passwords to perform these changeroos.

A third sign was also hacked. It told Tuesday morning commuters “Work is canceled. Go back home.” All of the signs had been returned to their normal alerts by 5:08 a.m. on May 31.

NFL Players' Medical Records Stolen from Unencrypted Laptop in Trainer's Car

NFL has informed players that many of their medical evaluation records were stolen back in April. That is when a thief busted the window of a Redskins athletic trainer's locked car in downtown Indianapolis and took a backpack with a cache of electronic and paper medical files, including NFL Combine attendees from the last 13 years. 

"That would encompass the vast majority of NFL players, and for them, it’s a worrying breach of privacy," Deadspin writes. 

NFL Players Association Executive Director DeMaurice Smith on May 27, 2016, emailed each team's player representatives to inform them a password-protected, but unencrypted laptop containing the records had been stolen. The knapsack also held a zip drive and certain hard copy records.  

An NFL spokesperson said in a statement the club is taking all appropriate steps to notify any person whose information is potentially at risk. As of June 1, the league was not aware of any evidence the criminal accessed any information on the computer, nor aware any information has been made public.

A Skins spokesperson said no Social Security numbers, protected health information under the Health Insurance Portability and Accountability Act, or financial information, were stolen or are at risk of exposure.

The team immediately notified local law enforcement of the theft and has cooperated with its investigation. The team is working with the NFL and NFLPA to locate and notify players who may have been impacted.

North Korea's Facebook Knockoff Already Has Been Hacked

Reports of an attempt by the communist regime at building a social network surfaced Friday. Hours late, someone outside of North Korean Dictator Kim Jong-un's circle had hacked it. 

Someone far outside. 

An 18-year-old college student from Scotland named Andrew McKean typed a message inside the website's "Sponsored" box, reading: “Uh, I didn't create this site just found the login."

McKean attained North Korean system administration status just by clicking on the “Admin” link at the bottom of the site and guessing the username and password. The codes were not hard to crack: “admin” and “password.”

After reading a Motherboard article that revealed the new site, McKean said he looked at a demo for the off-the-shelf Facebook clone called phpDolphin and noticed the default ID combination for administrators was “admin” and “password,” so he tried his luck on the North Korean site.

McKean told Motherboard he has “no plans” to do much more with the site, other than perhaps redirect the site to an anti-North Korean site.

But for the time being, he practically has full control of the site. He could delete and suspend users, change the site’s name, censor certain words, and see everyone’s emails, according to McKean. In the backend, he is also able to see the name of the site, which is “Best Korea's Social Network.” 

The Most Followed Person on Twitter Has Been Hacked

Pop singer Katy Perry’s Twitter account on May 30 spewed offensive remarks and tweeted at rival star Taylor Swift that Perry missed her. 

In addition, Perry’s record-breaking account, with 89 million followers, tweeted a link to a track on SoundCloud, which is believed to be an unreleased Katy Perry song called “Witness.”

The tweets have since been deleted.

The hacker seems to be the Romanian-based Twitter user @sw4ylol.

The @sw4ylol account tweeted a takedown notice from SoundCloud and an image of a copyright claim from Perry's Universal Music.