Reuters: Over 1,000 Twitter Employees Could Access Tools That Enabled Hackers to Hijack High-profile Accounts

The recent Twitter hack that took place last week has underlined the broader vulnerabilities in the infrastructure of Twitter as more details about the high-profile cryptocurrency scam continue to unfold. Now, according to a recent report by Reuters, over 1,000 Twitter employees had access to tools that enabled them to control everyone’s accounts. Two former Twitter employees claim that a large proportion of Twitter’s workforce could access tools to access and edit Twitter accounts, Reuters reported.

According to Reuters, these workers, which also include hires from third-party contractors like Cognizant, can access internal tools that potentially enable employees to change sensitive user settings. Moreover, they also have the option to hand this access to anyone else by sharing the login credentials- which is what led to the hack last week, according to a few outlets.

In response, the micro-blogging network told media outlets that it is always working on increased security protocols, techniques, as well as mechanisms generally and for anyone with access to these tools. A Twitter spokesperson added that each team member is only provided account access with a valid business reason, and when team members need to work on the customer support issues.

Twitter claims that there is no indication that any of the company’s third-party partners that operate on customer support and account management played a part in the recent hack in which high-profile accounts including the accounts of Bill Gates, Barack Obama, Elon Musk, and Apple Inc. were hijacked.

Twitter is investigating the breach alongside the intelligence and security agencies, and it has shared a series of startling results over the past week. The company wrote in a tweet that the hackers targeted a total of 130 Twitter accounts, and eight of those accounts had their entire Twitter information compromised via the data export tool. But the company claims that none of those accounts were verified, and attackers also accessed/read DMs of 36 of these accounts including the account of one elected official from the Netherlands.

The company stated in a tweet last week that Twitter has been taking aggressive steps to secure its systems while the investigations are still ongoing. Twitter also explained that the attackers manipulated a small number of workers and used their credentials to login into tools and turn over access to 45 Twitter accounts.

Twitter declined to comment on whether the over 1,000 figure was accurate and if the number of employees with access to those tools changed before or after the hack. Twitter employees have always had a worrying level of access to profile as two years ago, a rogue employee deactivated Trump’s account. The two former workers did say that the platform has improved its ability to track the activity of its employees in the wake of previous incidents.

Read next: Experts Warn That Twitter Attack Could Be a Part of Something Much Larger, Here Are Some Suggestions from a Professional Hacker for Other Tech Companies to Avoid Such Attacks
Previous Post Next Post