It looks like the person behind the massive Twitter hack that happened two weeks ago may have been caught as a Florida teenager has been arrested for the exploit on 30 counts of felony. 17-year-old Graham Clark has been taken into custody in Tampa, Florida.

The huge Twitter hack saw major accounts like Apple, Elon Musk, Barack Obama, Bill Gates, Jeff Bezos, and more compromised and used to spread a bitcoin scam. Notably, it went on for hours as Twitter scrambled to find a way to stop the exploit. Eventually, the platform blocked verified accounts from tweeting.

Today, reported by local News Channel 8 in Tampa, 17-year-old Graham Clark has been accused of the serious hack and arrested with a total of 30 felony charges. Those include organized fraud, communications fraud, fraudulent use of personal information, and more.

California and Florida along with the FBI, IRS, as well as Secret Service worked to investigate the crimes before making the arrest today.

Hillsborough State Attorney Andrew Warren filed 30 felony charges against the teen this week for “scamming people across America” in connection with the Twitter hack that happened on July 15. The charges he’s facing include one count of organized fraud, 17 counts of communications fraud, one count of fraudulent use of personal information with over $100,000 or 30 or more victims, 10 counts of fraudulent use of personal information and one count of access to computer or electronic device without authority.

Two others have also been charged in the crimes including a 19-year-old from the UK and a 22-year-old from Florida.

“I want to congratulate our federal law enforcement partners – the US Attorney’s Office for the Northern District of California, the FBI, the IRS, and the Secret Service – as well as the Florida Department of Law enforcement. They worked quickly to investigate and identify the perpetrator of a sophisticated and extensive fraud,” State Attorney Warren said in his statement.

Twitter also shared an update on its blog about the hack that used an elaborate social engineering approach worked. 130 accounts were attacked with 45 being tweeted from during the exploit and DMs of 36 compromised accounts were accessed.

According to the U.S. Attorney’s Office in the Northern District of California, Clark is one of three people charged for their alleged roles in the Twitter hack. The two other suspects were identified as 22-year-old Nima Fazeli, a.k.a. “Rolex,” of Orlando and 19-year-old Mason Sheppard, a.k.a. “Chaewon,” of the United Kingdom.

Twitter also detailed how it’s changed its policies since the attack to better protect users:

The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools. Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes. This knowledge then enabled them to target additional employees who did have access to our account support tools. Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.

Since the attack, we’ve significantly limited access to our internal tools and systems to ensure ongoing account security while we complete our investigation. As a result, some features (namely, accessing the Your Twitter Data download feature) and processes have been impacted. We will be slower to respond to account support needs, reported Tweets, and applications to our developer platform. We’re sorry for any delays this causes, but we believe it’s a necessary precaution as we make durable changes to our processes and tooling as a result  of this incident. We will gradually resume our normal response times when we’re confident it’s safe to do so. Thank you for your patience as we work through this.