Monday Morning Madness

Monday, 5 January 2009

This morning we discovered 33 Twitter accounts had been “hacked” including prominent Twitter-ers like Rick Sanchez and Barack Obama (who has not been Twittering since becoming the president-elect due to transition issues). We immediately locked down the accounts and investigated the issue. Rick, Barack, and others are now back in control of their accounts.

What Happened?

The issue with these 33 accounts is different from the phishing scam aimed at Twitter users this weekend. These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the email address associated with their Twitter account when they can’t remember it or get stuck. We considered this a very serious breach of security and immediately took the support tools offline. We’ll put them back only when they’re safe and secure.

Reacting Quickly and Fixing the Problems

In addition to this Monday morning madness we’re coming off a wacky weekend where lots of folks were tricked into participating in a phishing scam aimed at Twitter users. In both cases, our on-call team was able to attend to the matter quickly and prevent too many people from being affected. Our support team is definitely going to have a busy week because we reset a bunch of passwords just to be on the safe side.

Could OAuth Have Helped?

We plan to release a closed beta of the open authentication protocol, OAuth, this month, but it’s important to note that this would not have prevented a phishing scam, nor would it have prevented these accounts from being compromised. OAuth is something we can provide so that folks who use third party applications built on the Twitter API can access their data while protecting their account credentials.

What Are We Doing?

We are engaged in a full security review of all access points to Twitter. In the meantime, we are taking immediate action. First, we are increasing the security of our sign-in mechanism. For added security, we are further restricting access to our support tools. Events like this will happen from time to time to services like ours, and it’s important how we conduct ourselves and that we take this as an opportunity to make Twitter stronger.