The tweet was a fake, fired from a hijacked Associated Press account that normally commands high trust on trading floors. Yet in those few minutes the message coursed through sentiment-scanning algorithms, headline feeds, and high-frequency trading desks faster than any editor could type a correction. The brief crash became a case study in how a single corrupted data point can ricochet through automated markets at machine speed.
A Phished AP Credential Lights the Fuse
Earlier that day, a phishing email posing as a routine news bulletin reached several AP staffers. One login served up live credentials to the Syrian Electronic Army, the hacktivist group that later claimed responsibility, as reported by TechCrunch.
Minutes after 1 p.m., the attackers tweeted the false report of explosions at the White House. The message’s overlap with fresh memories of the Boston Marathon bombing gave it added plausibility. Because @AP headlines often move markets, many sentiment models assigned the tweet maximum credibility without waiting for corroboration.
The account’s two-million-plus followers included nearly every major financial-news aggregator. That reach turned a single stolen password into a macro-scale market event. Although AP issued a correction in roughly three minutes, latency-sensitive strategies had already reacted, and liquidity began to thin as market makers yanked quotes.
Seconds of Chaos on the Tape
Ticker reconstructions show the S&P 500 falling almost one percent in about two minutes before recovering by 1:13 p.m. Flight-to-safety assets moved in mirror image: Treasury futures ticked higher and gold inched up, while volatility benchmarks spiked.
Market makers later told CNBC they widened spreads from pennies to dollars, or pulled bids entirely, because quoting through a potential terror attack felt reckless. With human traders stunned, algorithms supplied most of the flow; trade volumes ballooned well above the usual midday lull.
Liquidity snapped back as quickly as it vanished, but the moment mattered. Funds running strict stop-loss rules sold near the lows and never enjoyed the rebound. The episode also revealed how price dislocations can outlive the rumor that created them, embedding real costs even when charts normalize.
Algorithms Meet an Information Wildfire
Why did automated desks react so violently? News-analytics engines scrape thousands of headlines each second and assign sentiment scores that nudge trading signals. A headline mentioning violence near the U.S. president earns an extreme negative score, triggering sell directives unless filters flag the item as unverified.
Data firm Nanex estimated a 17-second gap between the initial tweet and the first wave of bulk order cancellations, suggesting many models waited for the tweet’s retweet velocity to cross a preset threshold before acting, according to CNBC.
High-frequency market makers then compounded the swing. Standard playbooks call for widening spreads or stepping away when volatility surges, a defensive move that also deepens any price gap by draining standing liquidity.
Regulators Install New Guardrails
The flash crash added urgency to market-structure reforms already under discussion after the 2010 May 6 crash. Two weeks later the Securities and Exchange Commission cited the incident while voting to strengthen the pilot Limit-Up/Limit-Down mechanism that pauses trading when prices breach set bands, according to an archived statement on SEC.gov.
The LULD program's pilot period was extended in 2016. Under the rule, broad-based ETFs such as SPY now halt for 15 seconds if they move too far too fast—a speed bump that likely would have slowed the 2013 slide.
Exchanges also introduced so-called kill switches. Nasdaq won approval in 2014 for a control that lets broker-dealers cut off all new orders when internal risk limits trip, a direct response to both the 2013 flash crash and the prior year’s Knight Capital software glitch documented in a rule filing.
Finally, regulators leaned on Rule 15c3-5, which already required real-time pre-trade risk checks. Supervisors used the tweet debacle to illustrate why those controls must operate without human delay or discretionary overrides.
How Desks Hardened Their Playbooks
Data vendors such as Bloomberg and Refinitiv soon added flags that classify social-media posts as verified, unverified, or disputed. Many buy-side firms re-coded sentiment engines so that a headline must be corroborated by at least two trusted sources before triggering an automated order.
Exchanges expanded real-time drop-copy feeds, giving compliance teams a mirror of every inbound order. If an algorithm starts firing a pattern tied to a questionable headline, risk desks can now spot it in seconds and flip the kill switch.
Alternative-data desks went the other direction, refining machine-learning filters to distill useful signals from Twitter’s noise. A 2018 IEEE study by Mansfield et al. found that properly cleaned Twitter sentiment can forecast short-horizon volatility, underscoring that the goal is smarter filters, not blanket bans, as the authors noted on ArXiv.
Echoes in Today’s Meme-Driven Surges
The GameStop rally of January 2021 offered a stress test for the post-2013 safeguards. Retail traders on Reddit’s WallStreetBets sent GME up more than 1,700 percent, yet the broader market barely wobbled. Market-wide circuit breakers never came close to tripping, and LULD pauses throttled trading in the most volatile names without spilling into index futures.
Still, every deep-fake video or viral rumor pushes the system anew. In 2023 alone, false reports of tech-CEO health scares and fabricated central-bank statements sparked short-lived swings before verification checks kicked in.
Regulators now study whether future safeguards must account for AI-generated misinformation that can mimic trusted sources even more convincingly than the Syrian Electronic Army did in 2013.
Enduring Lessons on Speed and Fragility
A decade later, the hacked-tweet crash still frames debates over market resilience. The episode showed that speed amplifies error, but it also spurred the faster brakes—LULD bands, kill switches, real-time surveillance—that now keep most bad data points from snowballing.
Yet the core paradox endures: as trading models drink from ever-wider streams of alternative data, the weakest source can still rattle trillion-dollar markets. The next stress test may hinge not on how fast machines trade, but on how fast they ask whether the headline in their feed is real.
Sources
- New Yorker. “The Number: 145.” 23 Apr 2013.
- CNBC. “Fake Tweet Causes 4 Minutes of Panic on Trading Floors.” 23 Apr 2013.
- CNBC. “Single Tweet Didn’t Cause Market Disruption: Expert.” 24 Apr 2013.
- TechCrunch. “AP Twitter Hack Preceded by a Phishing Attempt.” 23 Apr 2013.
- Washington Post. “Syrian Hackers Claim AP Hack That Tipped Stock Market by $136 Billion.” 23 Apr 2013.
- ABC News Australia. “Market Chaos After Fake Obama Explosion Tweet.” 23 Apr 2013.
- U.S. SEC. Statement on Reg SCI and Market-Wide Circuit Breakers. 07 May 2013.
- U.S. SEC. Notice of Rule Change to Add Nasdaq “Kill Switch.” 18 Feb 2014.
- U.S. SEC. Final Rule 15c3-5, Risk Management Controls for Market Access. 14 Jun 2011.
- World Economic Forum. “Can Social Media Influence Financial Markets?” 18 Nov 2015.
- Mansfield et al. “Bull Bear Balance: A Cluster Analysis of Socially Informed Financial Volatility.” 20 Nov 2018.
