‘Serious risk of breach’ at Musk’s Twitter

From users impersonating emergency service providers to spread panic to extortionists stealing and leaking private messages stored on Twitter, “It’s staggering to imagine the amount of risk that this platform has opened itself up to,” said Tobac.

Twitter is fast becoming the “Wild West,” she added.

Shields down

Twitter’s top security officials — including its chief information security officer, chief privacy officer, chief compliance officer and head of trust and safety — all resigned Thursday, citing the risk of implementing some of Musk’s new revenue grabs (like the new check-mark policy) amid an ongoing Federal Trade Commission probe.

All that turnover raises serious questions about the company’s ability to fend off hackers — a difficult task for any high-profile social media platform, and one that Twitter was already falling short on, according to a whistleblower complaint filed by former head of security Peiter Zatko earlier this year.

“There is a serious risk of a breach with drastically reduced staff,” Alex Stamos, director of the Stanford Internet Observatory and former Yahoo CISO, tweeted Thursday. The situation was especially “terrible,” he added, given the chance of “real-life harm.”

Michael Hamilton, former CISO for the city of Seattle, also expressed doubts about Twitter’s ability to defend its network given the internal turmoil.

“Hard to trust Twitter with data at this point,” said Hamilton, who is now CISO of Critical Insight, a cybersecurity company he founded.

Threats up

Meanwhile, Musk’s decision to hold a yard sale for the company’s infamous blue check marks — the method the platform previously used to authenticate a small pool of public figures — spawned a host of fraudulent user accounts Wednesday and Thursday.

Thus far, those have mostly amounted to juvenile capers, like a (believably) disgruntled LeBron James and an (unbelievably) beneficent Eli Lilly. But it is only a matter of time before nation-states and cybercriminals spot opportunity, warned SocialProof Security’s Tobac.

“My biggest concern is that bad actors will soon figure out they can impersonate election officials and emergency services” using the check mark, said Tobac.

Hamilton, the Critical Insight CISO, also spotted hackers using a fake McDonald’s account in an apparent effort to distribute malware via the platform. As of Friday morning, the thread, which has generated more than 400,000 likes, still has not been removed.

On Friday morning, Twitter appeared to halt its “Blue” subscription service, which had gone live earlier this week. Meanwhile, Twitter resurrected “official” gray check marks for some prominent companies and publishers – a program that Musk had abruptly killed just two days ago.

The platform’s Thursday house fire prompted a rare and strongly worded warning from the FTC.
