
The verified X (formerly Twitter) account of UK Minister Lucy Powell was compromised on April 15, 2025, to promote a fraudulent cryptocurrency scheme dubbed “House of Commons Coin” ($HCC). The attackers used the official House of Commons branding to lend credibility to the scam, which netted approximately £225 before the account was secured. This incident follows a pattern of high-profile account takeovers targeting politicians and public figures for cryptocurrency fraud.
Attack Timeline and Technical Details
According to BBC News [1], the attackers posted multiple tweets promoting $HCC as a “community-driven digital currency” between 14:30 and 15:45 GMT. The posts included a link to a fraudulent website mimicking official UK government styling. Powell’s team detected the breach within 47 minutes and worked with X’s support to remove the content and secure the account. Blockchain analysis by CoinShares [1] revealed only 34 transactions occurred, suggesting limited success despite the account’s 70,000 followers.
The Independent [2] reported that the scammers used the ticker “$HOC” (House of Commons Coin) and falsely claimed it was an official government-backed cryptocurrency. Security firm Darktrace noted the attack bore similarities to recent incidents involving deepfakes of political figures. The Malay Mail [4] highlighted parallel attacks against Ghanaian President John Mahama’s account in March 2025, where attackers promoted “Solana Africa.”
Security Implications and Response
Action Fraud, the UK’s national reporting center for cybercrime, confirmed this was among 35,343 social media and email hacks reported in 2024 [1]. Parliament’s cybersecurity team declined to specify whether two-factor authentication (2FA) was enabled on the compromised account but reiterated standard security protocols. Luke Nolan of CoinShares characterized the operation as a “pump and dump” scheme that exploited the perceived trust in verified accounts.
Technical analysis suggests the attackers likely gained access through:
- Phished credentials (most probable according to Bitcoinist [3])
- Session hijacking via compromised devices
- Third-party app vulnerabilities
Broader Threat Landscape
This incident forms part of a worrying trend documented by multiple sources. The Peninsula Qatar [5] noted similar scams exploiting public trust in figures like Donald Trump and Javier Milei. Bitcoinist [3] reported a February 2025 incident where BBC journalist Nick Robinson’s account was compromised for crypto fraud. Darktrace’s analysis suggests these attacks are becoming more sophisticated, often combining account takeovers with cloned websites and fake customer support channels.
“Verified accounts remain prime targets due to their built-in credibility. When a minister’s account posts about cryptocurrency, followers assume it’s legitimate – that’s exactly what scammers bank on.” – Luke Nolan, CoinShares [1]
Mitigation Strategies
For organizations managing high-profile social media accounts, security teams should implement:
Measure | Implementation |
---|---|
Access Control | Require 2FA and unique passwords for all admin accounts |
Monitoring | Establish alerts for unusual posting activity or login locations |
Response Plan | Pre-arranged recovery protocols with platform support teams |
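As an added illustration of the Monitoring row (not code from any of the cited sources), the sketch below scores each post from a managed account against a per-account baseline and raises an alert when several deviations coincide. The baseline values, field names, thresholds and sample timeline are all assumptions constructed for this example.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Assumed per-account baseline; all values are constructed for illustration.
BASELINE = {"link_domains": {"gov.uk", "parliament.uk"},
            "login_countries": {"GB"}, "max_posts_per_hour": 2}
CASHTAG = re.compile(r"(?<!\w)\$[A-Za-z]{2,6}\b")
CRYPTO = re.compile(r"\b(coin|token|crypto\w*|airdrop|presale|wallet)\b", re.I)
URL = re.compile(r"https?://\S+")

def allowed(host, domains):
    """True if host is an allowlisted domain or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def post_reasons(post, earlier_times, baseline=BASELINE):
    """List the ways one post deviates from the account's baseline."""
    hosts = [urlparse(u).hostname for u in URL.findall(post["text"])]
    recent = [t for t in earlier_times if post["time"] - t <= timedelta(hours=1)]
    checks = {
        "cashtag": bool(CASHTAG.search(post["text"])),
        "crypto_terms": bool(CRYPTO.search(post["text"])),
        "unlisted_link_domain": any(not allowed(h, baseline["link_domains"]) for h in hosts),
        "new_login_country": post["country"] not in baseline["login_countries"],
        "posting_burst": len(recent) + 1 > baseline["max_posts_per_hour"],
    }
    return [name for name, hit in checks.items() if hit]

def triage(posts, threshold=2):
    """Return (post id, reasons) for posts with at least `threshold` reasons."""
    alerts, seen = [], []
    for post in sorted(posts, key=lambda p: p["time"]):
        reasons = post_reasons(post, seen)
        seen.append(post["time"])
        if len(reasons) >= threshold:
            alerts.append((post["id"], reasons))
    return alerts

# Constructed sample timeline (not real post data); _p builds one post record.
def _p(i, ts, text, country="GB"):
    return {"id": i, "time": datetime.fromisoformat(ts), "text": text, "country": country}
SAMPLE = [
    _p(1, "2025-04-14T09:00", "Today's business: https://www.parliament.uk/business/"),
    _p(2, "2025-04-15T14:30", "House of Commons Coin $HCC is live https://hcc.example/buy"),
    _p(3, "2025-04-15T14:50", "Community-driven digital currency $HCC https://hcc.example/buy"),
    _p(4, "2025-04-15T15:10", "Last chance to get $HCC https://hcc.example/buy"),
    _p(5, "2025-04-16T10:00", "My interview: https://www.bbc.com/news/"),
]
```

Calling `triage(SAMPLE)` flags posts 2 to 4 and leaves the single off-allowlist news link in post 5 below the alert threshold. Requiring two or more coinciding signals keeps routine posts from paging the team.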
The Reddit cybersecurity community [6] criticized X’s account security measures, noting several recent high-profile breaches. While the financial impact here was minimal, the reputational damage and potential for more successful future attacks remain significant concerns.
Conclusion
The Powell account breach demonstrates how attackers are weaponizing trusted communication channels for financial scams. While the immediate losses were small, the incident highlights systemic vulnerabilities in social media account security for public figures. Organizations should treat verified social media accounts with the same security rigor as corporate email systems, implementing layered defenses and rapid response protocols.
References
[1] “UK Minister Lucy Powell’s X Account Hacked to Promote Crypto Scam,” BBC News, Apr. 15, 2025. [Online]. Available: https://www.bbc.com/news/articles/cr5drp0n8zjo
[2] “Crypto scam: Labour’s Lucy Powell has X account hacked,” The Independent, Apr. 15, 2025. [Online]. Available: https://www.independent.co.uk/news/uk/politics/crypto-scam-labour-lucy-powell-hacked-b2733517.html
[3] “Crypto Con Hits High Office: Minister’s X Account Hacked,” Bitcoinist, Apr. 16, 2025. [Online]. Available: https://bitcoinist.com/crypto-con-hits-high-office-ministers-x-account-hacked/
[4] “Scammers turn UK minister’s X account into crypto con megaphone,” Malay Mail, Apr. 16, 2025. [Online]. Available: https://www.malaymail.com/news/world/2025/04/16/scammers-turn-uk-ministers-x-account-into-crypto-con-megaphone/173224
[5] “The X account of a British minister was hacked Tuesday to promote a fraudulent ‘House of Commons’ cryptocurrency,” The Peninsula Qatar [Facebook], Apr. 16, 2025. [Online]. Available: https://www.facebook.com/thepeninsulaqatar/posts/1092680176226543
[6] “Minister’s X account hacked to promote crypto scam,” Reddit, Apr. 2025. [Online]. Available: https://www.reddit.com/r/CryptoCurrency/comments/1jzsws2/ministers_x_account_hacked_to_promote_crypto_scam/