07/24/2020 - 10:46
- Clarín.com
- Technology
More than 1,000 Twitter employees had access to internal tools that could change their user account and password settings, at least earlier this year, two former employees told Reuters. The information is relevant because it would help to understand the gigantic security gap that the company would have, which would seem key in the massive hack that high-profile accounts such as those of Jeff Bezos, Barack Obama and Bill Gates suffered.
The case is being investigated by Twitter Inc. and the FBI, which analyze security issues that allowed hackers to repeatedly tweet from verified accounts by personalities like Democratic presidential candidate Joe Biden, billionaire philanthropist Bill Gates, Tesla's chief executive, Elon Musk and former New York Mayor Mike Bloomberg. And Amazon CEO Jeff Bezos.
The information comes after Twitter explained last Saturday that the perpetrators "manipulated a small number of employees and used their credentials " to log into tools and provide access to 45 accounts. And this Wednesday they admitted, said the hackers could have read direct messages to and from 36 accounts, but did not identify the affected users.
Now Reuters revealed that nearly 1,000 employees had sensitive access to tools that allowed them to take complete control of an account, even to change its password.
Big security problems on Twitter. (Bloomberg)
This complicates the investigation, since it multiplies the possibilities of the possible ones involved in the leaks. Furthermore, the Reuters article mentions not only direct employees but also “ contractors ”, that is, external to the company hired by Twitter (as opposed to what is known as “full time employee”).
Twitter did not comment on the figure and did not specify whether the number has decreased before or since the hack. "The company was looking for a new chief of security, working to better protect its systems and training employees on how to resist the tricks of strangers," explained Twitter.
Threats from experts, especially lower-paid external support staff, are a constant concern for companies serving large numbers of users, cybersecurity experts told the news agency .
Access to direct messages
Twitter detailed this Thursday that in the hack on its platform on July 15, hackers accessed the private messages of 36 of the 130 affected accounts, including that of the Dutch politician Geert Wilders.
The internal investigation revealed that in the case of hacked accounts, the attackers managed to access the inbox of private messages, as reported on the support page in their official profile on the social network.
Although it does not specify the name, the company includes in those 36 accounts that of a Dutch politician, and clarifies that "there are no indications that they have accessed the private messages of any other previous or current politician."
For this clarification, high impact DMs worldwide such as those of Bill Gates, Barack Obama, Elon Musk and Jeff Bezos were at the center of the controversy.
