In July 2020, as the world grappled with the uncertainty of a global pandemic, Twitter—now known as X—fell victim to a cyberattack that sent shockwaves through the digital landscape. The breach, orchestrated by a British hacker named Joseph James O’Connor, known online as “PlugwalkJoe,” compromised more than 130 high-profile Twitter accounts, including those of Barack Obama, Joe Biden, Elon Musk, Bill Gates, Jeff Bezos, Apple, and Uber. The fallout from this hack continues to reverberate, culminating recently in a landmark legal action that underscores the growing international resolve to tackle cybercrime and seize ill-gotten digital assets.
On November 17, 2025, British prosecutors announced that O’Connor, now 26 and originally from Liverpool, must surrender £4.1 million (about $5.4 million) worth of Bitcoin and other crypto assets linked to his crimes, according to Reuters and BBC. The order, secured by the UK’s Crown Prosecution Service (CPS), represents one of the largest crypto-related seizures in the country’s history and sends a powerful message: cybercriminals can run, but they can’t hide—not even behind the anonymity of blockchain technology.
O’Connor’s cybercrime saga began with a surprisingly low-tech approach. Rather than exploiting sophisticated software vulnerabilities, he and his co-conspirators relied on social engineering—essentially, talking their way past Twitter’s defenses. As BBC and Invezz report, the group contacted a handful of Twitter employees, spun convincing stories, and persuaded them to hand over internal login credentials. With access to Twitter’s powerful administrative tools, the hackers were able to reset passwords, bypass two-factor authentication, and take control of some of the world’s most influential accounts.
Once inside, O’Connor and his crew launched a “giveaway scam” that was as simple as it was effective. They posted tweets from hijacked accounts, promising to double any Bitcoin sent to specific digital wallets—framing the scheme as a charitable initiative or COVID-19 relief effort. The ruse was so convincing that thousands of users fell for it. Within hours, 426 transfers totaling over 12.86 Bitcoin (worth around $110,000 at the time, now valued at $1.2 million) flooded into the scammers’ wallets, according to BBC. In total, the group is believed to have netted approximately $794,000 in cryptocurrency before Twitter managed to wrest back control. An estimated 350 million Twitter users were exposed to the suspicious tweets from the platform’s most prominent figures and brands.
The audacity of the attack was matched only by its reach. As Invezz notes, O’Connor’s targets included a veritable who’s who of global power and celebrity, from tech giants and politicians to major corporations. The attack exposed a critical vulnerability in Twitter’s internal security protocols—one that few outside the company had even considered: the sheer number of employees and partners with access to sensitive administrative tools.
O’Connor’s run didn’t last long. After the hack, he fled to Spain, where his mother lives. Spanish authorities arrested him in July 2021, and he was subsequently extradited to the United States to face trial. There, he pleaded guilty to multiple charges, including computer intrusion, wire fraud, extortion, and money laundering, as reported by Reuters and BBC. In June 2023, a US court sentenced him to five years in federal prison.
But prison time wasn’t the end of the story. The UK’s CPS, working closely with US and Spanish agencies, launched a parallel effort to ensure O’Connor could not profit from his crimes. Their investigation revealed that O’Connor had accumulated a significant stash of digital assets, not only from the Twitter hack but also from other criminal hacks carried out with young accomplices he met while playing Call of Duty online, according to BBC. Three other hackers have been charged in connection with the scam, including US teenager Graham Clark, who pleaded guilty in 2021.
Adrian Foster, Chief Crown Prosecutor for the CPS Proceeds of Crime Division, emphasized the significance of this cross-border effort. “Joseph James O’Connor targeted well-known individuals and used their accounts to scam people out of their crypto assets and money,” Foster said, as quoted by BBC. “We were able to use the full force of our powers to ensure that even when someone is not convicted in the UK, we can still prevent them from benefiting from their criminality.”
The recent civil recovery order mandates that O’Connor hand over 42 Bitcoin and other digital assets—worth approximately £4.1 million at the current market value—to a court-appointed trustee, who will oversee the sale of these assets. The move ensures that O’Connor cannot walk away with a single pound from his criminal exploits. As Invezz points out, this case is a clear demonstration of how global cooperation between law enforcement agencies is evolving to meet the challenges posed by cybercrime and the rise of cryptocurrencies.
What stands out most in this saga is the international coordination that made the asset recovery possible. Despite O’Connor’s conviction occurring in the United States, British authorities leveraged their civil recovery powers to go after his assets. The CPS Proceeds of Crime Division, in partnership with counterparts in the US and Spain, worked diligently to prevent O’Connor from concealing or transferring his crypto holdings before the order was enforced. This case, as Invezz observes, is a sign that the era of cybercriminals pulling off multi-million dollar online scams and disappearing into the digital ether is coming to an end. Law enforcement agencies are becoming more connected, more aggressive, and far more adept at following the money trail, no matter how complex or international it may be.
The repercussions of the 2020 Twitter hack have been far-reaching—not just for the victims and the company itself, but for the global fight against cybercrime. Twitter was forced to overhaul its internal security protocols, limiting employee access to sensitive tools and implementing stricter authentication measures. The hack also served as a wake-up call for other tech giants, highlighting the human element as a potential weak link in even the most fortified digital defenses.
For the victims—be they celebrities, politicians, or ordinary users duped by the scam—the legal resolution offers a measure of justice, if not full restitution. And for O’Connor, the consequences are clear: five years behind bars in the US, and now, the loss of every pound of his ill-gotten gains.
This landmark case marks a turning point in the international response to cybercrime, illustrating that digital criminals, no matter how clever or far-flung, can no longer count on the secrecy of cryptocurrencies or the complexity of international borders to shield them from justice.
