High-Profile Twitter Hacker Ordered to Repay £4.1 Million in Bitcoin

British authorities have secured a major financial recovery in connection with the infamous 2020 Twitter breach, ordering convicted cybercriminal Joseph James O’Connor to repay millions in cryptocurrency linked to the attack. The recovery marks a significant step in preventing cybercriminals from profiting from large-scale online fraud schemes—even when prosecutions occur outside the United Kingdom.

Background: The 2020 Twitter Breach

In July 2020, Twitter (now X) experienced one of the most high-profile cybersecurity incidents in social media history. Attackers gained access to internal administrative tools and compromised accounts belonging to:

• Former U.S. President Barack Obama

• Then-presidential candidate Joe Biden

• Tesla CEO Elon Musk

• Bill Gates, Warren Buffett, Kim Kardashian, and other public figures

The hijacked accounts were used to post messages promoting a fraudulent Bitcoin scheme, prompting Twitter to temporarily lock down all verified accounts to contain the incident.

Who Is Joseph James O’Connor?

Joseph James O’Connor, now 26, played a central role in orchestrating the intrusion. Operating online under various aliases, O’Connor participated in compromising internal Twitter systems, conducting account takeovers, and extorting celebrities using stolen data.

Key legal developments include:

• 2021: Arrested in Spain

• 2023: Extradited to the United States, where he pleaded guilty to computer intrusion, wire fraud, extortion, and related offenses

• 2023: Sentenced to five years in prison

Because the victims, digital evidence, and operational impacts were primarily U.S.-based, Spain’s High Court determined that the U.S. judiciary was best positioned to prosecute the case.

Civil Recovery: UK Seizes 42 Bitcoin

Although the conviction occurred in the U.S., the UK's Crown Prosecution Service (CPS) pursued a civil recovery order to seize assets tied to O’Connor’s criminal activity. On Monday, prosecutors confirmed that:

• 42 Bitcoin and additional crypto assets—worth £4.1 million ($5.4 million)—have been forfeited

• The assets were previously frozen through a property freezing order during extradition proceedings

• A court-appointed trustee will oversee liquidation of the cryptocurrency

Prosecutor Adrian Foster emphasized that civil recovery powers allow the UK to prevent criminals from retaining illicit gains, regardless of where they are convicted.

Significance of the Ruling

The recovery underscores several key themes in modern cybercrime enforcement:

• Cross-border cooperation is essential in cyber investigations involving multinational victims and digital evidence.

• Civil financial recovery can be pursued independently of criminal trials when assets are located within UK jurisdiction.

• High-profile incidents continue to highlight the vulnerabilities of major platforms and the importance of strengthened internal security controls.

The ruling ensures O’Connor cannot profit from one of the most widely publicized social engineering attacks of the last decade.