On Tuesday morning, April 15, 2025, UK government minister Lucy Powell found herself at the center of a troubling incident when her X account was hacked to promote a fraudulent cryptocurrency named 'House of Commons Coin' or $HCC. The posts, which have since been deleted, falsely claimed that the coin was a 'community-driven digital currency' and even featured the official House of Commons logo, misleading her nearly 70,000 followers.
Powell's office quickly confirmed the hack and took immediate steps to remove the scam posts and secure her account. This incident highlights a growing trend where cyber criminals hijack high-profile social media accounts to advertise bogus crypto tokens. Rather than creating legitimate cryptocurrencies, these fraudsters often rely on phishing schemes or leaked credentials to gain control of accounts, posting about hastily launched schemes designed to profit from unsuspecting users' trust.
In this particular case, analysts reported that only 34 transactions occurred, resulting in a profit of approximately £225 for the scammers. The UK Parliament has reiterated its commitment to cybersecurity, emphasizing that Members of Parliament (MPs) are regularly advised on how to protect their accounts. The alarming rise in such incidents is underscored by Action Fraud, which reported over 35,000 cases of hacked social media or email accounts this year alone.
Earlier in 2025, BBC journalist Nick Robinson experienced a similar hack, where his account was compromised, leading to posts promoting a different fraudulent coin called '$Today'. These incidents raise questions about the effectiveness of current security measures on social media platforms and the need for enhanced protections against cyber threats.
Meanwhile, in Ireland, the Data Protection Commission (DPC) has opened a formal investigation into X (formerly Twitter) over allegations regarding the use of personal data from EU citizens as training data for the Grok AI application. This inquiry will focus on whether the data from X users across the EU and the European Economic Area (EEA) was processed lawfully in accordance with the EU's General Data Protection Regulation (GDPR).
Violations of the GDPR could lead to significant fines, potentially amounting to 4% of the total global revenue of a company. Given that X's European headquarters are located in Ireland, the DPC holds primary oversight over this investigation, which has garnered attention from privacy advocates, EU citizens, and regulatory bodies alike.
This investigation follows a similar case in December 2024 when OpenAI was fined £12.8 million (€15 million) by Italian regulators for processing users' personal data to train its ChatGPT application without a legal basis, thereby violating transparency principles and user information obligations.
X began sharing public posts, profile data, and user interactions with its AI division, xAI, last May, but this action was not communicated to users at the time. It only became widely known after a viral post in July revealed the extent of the data-sharing operation. Critics argue that the updates to X’s terms of service in September, which reflected data usage, came far too late and lacked meaningful user consent.
In August 2024, the DPC obtained a court order to temporarily halt X from using EU citizens’ data to train AI systems until users had been properly informed and given the option to opt-out. The court found that the opt-out mechanism had been introduced weeks after data collection had already begun, further complicating the matter.
Privacy advocacy group Noyb, led by lawyer and activist Max Schrems, has filed complaints against X in nine EU countries, criticizing the DPC for allegedly adopting a “pro-corporate” stance and failing to adequately address the legality of the data collection itself. Schrems stated, “We want to ensure that Twitter fully complies with EU law, which – at a bare minimum – requires to ask users for consent in this case.”
The scrutiny on X is further intensified by significant corporate restructuring within Elon Musk’s tech empire. In March 2025, xAI acquired X in an all-stock deal valued at £24.8 billion ($33 billion), merging the data source with the AI development arm under Musk's leadership. This consolidation raises critical questions about how user data is utilized in building and training advanced AI models.
The case is being closely monitored across the tech and regulatory communities, as it could set a precedent for how generative AI systems collect and use publicly accessible online data under EU law. X’s AI strategy was presented to investors as a competitive advantage, emphasizing that its access to real-time social media data would provide Grok with a unique edge in training compared to its rivals.
In another development within the blockchain space, Polkadot is set to host an Ask Me Anything (AMA) session on X on April 22, 2025, at 15:00 UTC. This event will feature builders from Cosmos, Agoric, and Polkadot, who will discuss chain abstraction, cross-chain user experience, and the progression towards seamless Web3.
Polkadot, co-founded by Dr. Gavin Wood, aims to advance blockchain technology by focusing on security, scalability, and innovation. The project seeks to create an infrastructure that supports new concepts while maintaining interoperability, marking a significant step in the evolution of blockchain technology.
In Polkadot’s ecosystem, individual blockchains are referred to as “parachains,” with the main chain known as the “Relay Chain.” This network promotes constant and smooth information exchange between parachains and the Relay Chain, thereby enhancing interoperability. Through the Substrate platform, developers can create custom parachains that become interoperable with all other parachains once connected to the Polkadot network.
The native token of Polkadot, DOT, not only provides governance rights but also facilitates network consensus through staking, incentivizing holders to adhere to the rules to avoid losing their stake. Furthermore, DOT is used for “bonding” when adding new parachains to the ecosystem, where the bonded DOT remains locked during the bonding period and is released after the parachain is removed from the ecosystem.
As these various incidents unfold, they reflect the ongoing challenges and complexities of navigating cybersecurity, data privacy, and technological innovation in an increasingly digital world.
