Tweet Tweet! Let’s Talk About Twitter and Its Security

Latest issue

Recent mishaps

• Last month, numerous Twitter accounts belonging to high-profile organizations and celebs were hacked using social-engineering techniques. Hackers gained access to email addresses and phone numbers, but no passwords, as per Twitter. A small number of employees were reportedly tricked through social engineering by the threat actors to hand over their admin credentials for this attack.
• Reuters reported that according to a couple of former employees, thousands of Twitter contractors and employees had access to internal tools that could alter user settings and hand over control to others.
• The social networking service is also under investigation by the Federal Trade Commission for misusing the personal information of users to serve ads, i.e., for violating user privacy.

Who’s to blame?

• The central problem lies in the fact that the main threat to Twitter comes from its weakest link that was exploited by the perpetrators.
• According to the microblogging platform, it was a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
• As per Mikko Hyppönen, security holes and codes can be patched but human weaknesses are not as predictable as machines.
• With different issues making the headlines almost every single day, it is clear as day that social media sites are more vulnerable to new and evolving security threats, now more than ever.

Closing words