The full story:-
But basically what happened here is that the Associated Press twitter account(s) had weak passwords, and the “hackers” found out what the passwords were and used that knowledge to post a fake announcement.
We can blame the hackers for probing for weak passwords, finding one, and then posting something to an account that didn’t belong to them.
But should we also not blame the Associated Press for using weak passwords in the first place? This isn’t just some individual’s twitter account blathering on about what they ate for breakfast, but an organisation’s account that is used for publishing news.
And that news was pounced upon by HFT traders causing a big share price drop (itself a matter of concern). So some people may well have suffered a genuine financial loss here, and whilst the blame needs to be shared out appropriately, Associated Press is at least partially to blame.