A U.S. cybersecurity researcher named Kevin McSheehan exploited a glitch in the CIA’s official X (formerly Twitter) account that misrouted a link meant for Russian informants. Instead, the link led to a Telegram channel he controlled.
The flaw stemmed from how X truncated a Telegram URL. The CIA had posted a link inviting informants to reach out via Telegram. But the truncation made it an unclaimed username, leaving the link vulnerable. McSheehan noticed the error.
Fearing that hostile actors could exploit the glitch, he quickly registered the username himself. He turned the channel into a “warning page” clarifying it was not official and cautioned against submitting any sensitive information.
McSheehan told Insider he saw the risk immediately: “My biggest fear was that a country like Russia, China, or North Korea could easily intercept Western intelligence.”
After being alerted to the issue, X and the CIA quickly corrected the link. McSheehan said he commends the rapid fix but criticized that the mistake went unnoticed for some time.
This incident underscores the risks inherent in linking sensitive operations to public social accounts. It also shows how even small technical faults can expose national security vulnerabilities in the digital age.
