(The hack) was a violation, it wasn't a big deal. But it shows you, it reminds you, once again, of how dangerous these different groups are and how capable they are. —Defense Secretary Chuck Hagel
WASHINGTON — The Twitter and YouTube sites for the U.S. military's Central Command are back online after being taken over by hackers claiming to support the Islamic State militant group, and Pentagon officials are reviewing some security protocols in the wake of the breach.
Col. Steve Warren, a Pentagon spokesman, said Tuesday that it is too soon to tell who the hackers are and where they got some of the official documents they placed on Central Command's Twitter feed Monday. The documents included some personal phone numbers and email addresses and a few slides that were prepared by an independent research group.
Defense Secretary Chuck Hagel, visiting Whiteman Air Force Base, Mo., said Tuesday that the hack "was a violation, it wasn't a big deal. But it shows you, it reminds you, once again, of how dangerous these different groups are and how capable they are."
The hacker group, calling itself CyberCaliphate, was already under FBI investigation for incursions into the Twitter feeds or websites of media outlets in New Mexico and Maryland, prompting officials to question whether the group has any real affiliation with the Islamic State militants. The U.S. and other partner nations have been launching airstrikes against Islamic State insurgents and locations across Iraq and Syria since last summer.
The Pentagon called the breaches an annoying prank and said they did not affect military networks or access classified or operational data.
Warren said Tuesday the Defense Department has not issued a broad instruction to change or update its password and verification profiles on the social media sites. But he said accounts within the office of the secretary of defense, which includes Pentagon press operations, have made passwords and security changes in more than 50 accounts. The Defense Department has thousands of social media accounts across all the military services, commands and bases.
U.S. Central Command Twitter accounts in English and Arabic and the YouTube site were quickly removed from the web about a half hour after the breach, and were back online late Monday night.
FBI spokesman Joshua Campbell said the bureau is investigating the Central Command Twitter and YouTube breaches and is working with the Pentagon to determine the scope of the incident.
The Central Command Twitter site was filled with threats that said "American soldiers, we are coming, watch your back." Other postings appeared to list names, phone numbers and personal email addresses of military personnel as well as PowerPoint slides and maps.
Most of the material was labeled "FOUO," which means "For Official Use Only," but none of it appeared to be classified or sensitive information. U.S. Central Command said that none of the information and documents posted on the hacked site were from the command's Internet servers or social media sites.
The breach only affected the Twitter and YouTube sites, which reside on commercial, non-Defense Department Internet servers.
One of the documents appeared to be slides developed by the Massachusetts Institute of Technology's Lincoln Laboratory, a federally funded research and development center focused on national security. The slides appeared to depict what it called "scenarios" for conflict with North Korea and China. It's not clear where the documents came from or how long ago they might have been taken, since some of the information was as much as a year old.
The tweets came shortly after U.S. Central Command posted its own tweets about the U.S. and partner nations continuing to attack Islamic State terrorists in Iraq and Syria and one repeating a report that said France will deploy an aircraft carrier to the fight.
The hackers titled the Central Command Twitter page "CyberCaliphate" with an underline that said "i love you isis." And the broader message referred to the ongoing airstrikes against the Islamic State group in Iraq and Syria and threatened, "We broke into your networks and personal devices and know everything about you. You'll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base."
It added: "US soldiers! We're watching you!"
Some IS militant videos also were posted on the Central Command's YouTube site, purporting to show military operations and explosions.
Associated Press writers Josh Lederman and Eric Tucker and AP Broadcast reporter Sagar Meghani contributed to this report.