Minister for Communications and Digitalisation, Samuel Nartey George, has confirmed that it took 26 hours to regain full control of President John Mahama’s official X account following a breach in March.
He noted that the recovery process was handled in coordination with platform operators at X and supported by law enforcement agencies, including the FBI.
Addressing Parliament on Wednesday, Minister Sam George provided a detailed account of how the issue was managed, subsequently responding to a question raised by Minority Chief Whip, Annoh Dompreh on the number of hours it took for the recovery.
He explained that while full access to the account was restored after 26 hours, critical steps were taken within the first few hours of the incident.
“Within three hours of detecting the breach, we had engaged our point of contact at X. The platform took immediate control of the account. However, as per their internal protocols, a full security review had to be conducted before access could be reinstated.”he said
According to the Minister, the nature of the incident required collaboration with multiple stakeholders, including Ghana’s Cybersecurity Authority, the President’s digital communications team, and international partners. “Given the profile of the account involved, the FBI was also engaged to support the investigations,” he added.
He assured the House that there was no indication of a wider system failure or threat to Ghana’s national digital infrastructure. “All identified vulnerabilities related to the account have been addressed. Our national systems remain secure and robust,” he affirmed.
On 16th March 2025, the President’s official X account was used to post unauthorised promotional content linked to a cryptocurrency platform called Solana Africa. The post falsely suggested presidential endorsement of a digital token investment scheme.
Following investigations, the Cybersecurity Authority found that the breach occurred through a social engineering attack targeting a public relations officer who manages the President’s account. The attackers used deceptive techniques—rather than technical force—to gain access.
The Ministry of Communications says the incident underscores the importance of strengthening digital awareness and security protocols among all personnel managing high-level public accounts.