Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Twitter has been warned about security issues related to employeesâ credentials since 2015.
Numerous unnecessary employees at Twitter allegedly have the ability to reset usersâ accounts and modify their security settings. This is a problem that Jack Dorsey, chief executive officer, and the companyâs board were warned about all the way back in 2015.Â
According to Bloomberg, Twitter has over 1,500 workers with the abilities to reset accounts and review user breaches. This led to speculation that the hack on July 15 could have been prevented if timelier actions were taken.
Security concerns addressed
The report clarified that such credentials gave limited access to most of the workers involved in the social networkâs security department. They do note however that it is âa starting point to snoop on or even hack an account.â
The âRisk Factorsâ section of Twitterâs 10-K annual report, filed in 2015 with the Securities Exchange Commission, or SEC, confirms that Dorsey & Co. had long been warned of this potential attack vector:
âOur security measures may also be breached due to employee error, malfeasance, or otherwise. Additionally, outside parties may attempt to fraudulently induce employees, users or advertisers to disclose sensitive information in order to gain access to our data or our usersâ or advertisersâ data or accounts, or may otherwise obtain access to such data or accounts.âÂ
Twitter contractors tested issues in 2017
Bloomberg mentions that at one point in 2017 and 2018, Twitter contractors created a âgameâ which consisted of flooding the help-desk with bogus inquiries, allowing them to access celebritiesâ accounts. They used this access to trace personal data and approximate locations based on the ownerâs IP addresses.Â
Twitterâs 2020 10-K annual report, filed with the SEC, referred to âunauthorized partiesâ access:
âUnauthorized parties may also gain access to Twitter handles and passwords without attacking Twitter directly and, instead, access peopleâs accounts by using credential information from other recent breaches, using malware on victim machines that are stealing passwords for all sites, or a combination of both.â
The recent Twitter attack posted a fake Bitcoin (BTC) giveaway via the accounts of some of the most powerful verified accounts in the world. These included Joe Biden, Elon Musk, George Wallace, Bill Gates, Kanye West, Kim Kardashian, Wiz Khalifa, Warren Buffett, Mike Bloomberg, Barack Obama, and Jeff Bezos, among others.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.