Special Correspondent ( Mumbai): It raised serious concerns among Twitter users, when Twitter CEO Jack Dorsey’s account was hacked on Friday, exposing the loopholes in the social security system.
Just after the hack, Dorsey’s account was used to flush antisemitic, racial messages, holocaust denial and messages supporting Nazi for about 10 minutes. A group named ‘Chuckle Squad’ was behind this security breach. The same group was also behind the hacking of the Twitter account of various other high profile personalities.
Earlier, we have seen Twitter accounts of various celebrities including ‘Amitabh Bacchan’ getting compromised, but the hacking of Twitter’s own executive is entirely perturbing.
Though Twitter restored the account after half an hour it blemished its image to some extent.
Twitter, however, denied any crack in its social security system and instead pinned blame on the mobile service provider. According to it, Dorsey’s account was compromised due to SIM swapping by bribing or any other means to convince a mobile carrier employee to switch a phone number to the hacker’s device.
A leading cybersecurity journalist Brain Krebs said, “ Somebody can just get somebody making $12 an hour and offer them a thousand dollars to do a SIM swap.”
Twitter users, on the other hand, gushed its platform with questions, complains and jibes, showing concerns as to how their accounts are safe from a breach when Twitter’s own executive’s account got compromised.
However, even after Twitter’s repeated denials over any security lax in its system, there is a leftover feature from early days of Twitter, which may allow anyone’s account to get compromised if a hacker gets hold of the phone number associated with their Twitter account. The hacker then texts any tweets and for this, they even don’t need any verification or your account password. After this unanticipated incident, whether Twitter changes this feature is yet to be seen, but users may secure their account by deleting your phone number from Twitter entirely. However, hear is a catch as users may not be able to use the two-factor-identification feature if they choose to do so.