Twitter recently found itself in a major security incident in which a number of high-profile accounts were hijacked, among them those of former US President Barack Obama, Tesla CEO Elon Musk, Amazon founder Jeff Bezos, Microsoft co-founder Bill Gates, Kanye West and his wife Kim Kardashian.
According to two former Twitter employees, more than 1,000 Twitter employees and contractors had access to the internal tools that are believed to have been used to take control of the high-profile accounts.
The former staff, who were familiar with the company's internal workings, spoke to Reuters about Twitter's security posture. As of earlier this year, the people with that access could change user account settings and even hand control of an account over to a third party.
The roughly 1,000 people with direct access to the internal tools included contractors who are not permanent Twitter staff, supplied by American IT services providers such as Cognizant. That raises the question of why so many people were granted such high-level privileges within Twitter's administrative systems.
The former employees also told Reuters that, despite last week's breach, the company's current security policy is still an improvement on the procedures in place during their time there. Twitter began logging its staff's activity in the tools after an incident in November 2019, when an employee was caught allegedly spying for the Saudi Arabian government.
Ilia Kolochenko, founder of the web security company ImmuniWeb, suggested the attack may have been aided by the exploitation of other weaknesses in Twitter's internal security.
“It is not excluded that the attackers were assisted by an insider or were exploiting a high-risk vulnerability detected in one of Twitter’s web systems. Otherwise, we may reasonably infer that Twitter has virtually no internal security controls and best practices that we should normally expect from a tech company of its size,” he said.
Meanwhile, on a call with investors on Thursday, Twitter Chief Executive Jack Dorsey admitted to missteps:
“We fell behind, both in our protections against social engineering of our employees and restrictions on our internal tools,” he said.
Twitter also confirmed that the attackers gained access to the direct messages of up to 36 accounts. Of the 130 targeted accounts, 45 were compromised to the point where the attackers could send tweets from them, and a further 36 had their direct messages accessed, according to the company.
It is believed that at least eight accounts had their archived account data downloaded through the ‘Your Twitter Data’ tool, which contains the entirety of the account's activity; none of these eight accounts were ‘verified’ on the platform.
Twitter has not yet indicated whether there is any overlap between the accounts that were used to send tweets, those whose DMs were accessed and those whose archived data was downloaded.
From the hijacked accounts, the attackers tweeted that any Bitcoin sent to their address would be returned doubled, a scam that netted them about US$100,000.
The level of access involved matters: an attacker who has taken over an account to the point of being able to tweet from it has full control of that account, and could therefore also have read its direct messages and requested its data archive, whether or not they chose to.
While most of the hijacked high-profile accounts belonged to US-based users, Twitter noted that an unnamed elected Dutch politician was among those whose DMs were accessed. The company said there is no indication that the DMs of US figures such as Obama or the Democratic presidential nominee Joe Biden were accessed.
Although the attackers gained full control of some accounts, Twitter has said they would not have been able to see users' existing passwords, because passwords are not stored in plaintext; even with access to the internal tools, the passwords would not have been viewable. That is little protection on its own, however, when the same tools can change an account's settings and hand control to another party, as the former employees described.
The attackers were, however, able to view personal information such as email addresses and phone numbers, which is displayed to employees who have access to the internal support tools. Twitter also referred to unspecified “additional information” that was taken, adding that its forensic investigation of the activity is still ongoing.
McAfee founder John McAfee, meanwhile, has suggested that his own Twitter account was either hacked or frozen in the past 12 hours, with some tweets disappearing or being seen by only a handful of people. It is unclear whether this is related to last week's hack.
As more parties become involved in the investigation, Twitter has promised to further harden its systems to prevent a repeat and to roll out additional company-wide training to guard against social engineering.