Manafort's Daughter's Lawyers Pressured Twitter to Delete Links to Hacked Text Messages

In July, a freedom of information activist dumped an unredacted cache of text messages allegedly hacked from Manafort's daughter's phone.
Image: Shutterstock

In July, a freedom of information activist published a large, searchable database of text messages from Paul Manafort’s daughter’s phone, Andrea Shand. It appears the texts were originally obtained from Shand’s phone through some form of hacking, and media outlets have also had access to the dataset.

Lawyers working on behalf of Shand though have tried to suppress proliferation of the texts, and sent a legal letter to Twitter demanding they shut down the activist’s account, according to a copy of the letter Emma Best, the activist, shared with Motherboard. Best also tweeted screenshots of the document. In an email to Best sent Saturday, Twitter asked if she wished to delete her tweet, but the company has not removed any content itself.


“I have no intention of that,” Best told Motherboard in an online chat.

The news highlights the increasingly common practice of releasing large datasets online for anyone to dig through, some of which may contain personal information, and the legal tension that comes with that.

After uploading the unredacted text messages to the Internet Archive in July, Best tweeted out a link to a summary on her own website, which in turn linked to the cache. According to screenshots Best tweeted at the time, Wikileaks had access to the same dataset but declined to share it (Wikileaks did not respond to Motherboard’s request for comment.)

Some of the text messages are clearly in the public interest: CNN previously reported that one of the texts alleged Manafort may have been involved in killings in Ukraine.

“You know he has killed people in Ukraine? Knowingly," one message reads, referring to Manafort. The security researcher known as Krypt3ia first highlighted the hacked messages in February 2017, some of which were distributed across the file sharing service MEGA, and Manafort previously confirmed the authenticity of some of the text messages to Politico.

Got a tip? You can contact this reporter securely on Signal on +44 20 8133 5190, OTR chat on, or email

Other examples of the texts are much more mundane, personal, and likely don’t have a clear public interest. (In her summary, Best argues that the subjects of the messages have “had over a year to change their numbers and take steps to block harassment.”)


Shortly after that publication and Best’s tweet, Shand’s lawyer, Matthew Crowl from law firm RSHC, flagged the tweet to Twitter through its normal reporting mechanisms, judging by the letter Crowl sent to the company days later. Twitter said the tweet did not violate its policy on distributing private information, according to the letter.

“That response is unacceptable,” Crowl wrote. “After these private, stolen messages were linked in the offending Tweet, several members of my client’s family have received harassing and threatening messages.” Crowl highlights Twitter has various options to “protect Ms. Shand’s privacy,” including suspending or terminating an offending account, and points to how Twitter’s rules say users “may not publish or post other people’s private information without their express authorization and permission.” The tweet itself did not contain any of the hacked text messages, but contained a link that went to a page which led to the text cache.

Crowl did not respond to multiple requests for comment. A press representative for RSHC did not respond to a request for comment.

Twitter informed Best of the complaint on Saturday, according to an email Best shared with Motherboard. The email to Best contains the usual legal boilerplate Twitter provides to users after the company receives a legal complaint.

“Please note we may be obligated to take action regarding the content identified in the complaint in the future. Please let us know by replying to this email as soon as possible if you decide to voluntarily remove the content identified on your account," it reads.

Twitter declined to comment, saying it does not comment on individual cases for privacy and security issues; the company's standard response.

“Should Twitter fail to rectify user @NatSecGeek’s [Best’s account] violation of the Twitter rules immediately by removing access to her private, stolen content, Ms. Shand intends to pursue all legal remedies available to recover any damages she may suffer as a result,” Crowl’s letter concludes.