Jack Dorsey, Twitter CEO was hacked on Friday. Users suggest that he may have fallen prey to a vulnerability that the social network had been previously warned about.
His account on Friday tweeted a couple of racist content. Twitter acknowledged that someone may have hacked into the account and announced that the account had been retrieved and that there was no cause for an alarm.
The hack raised a pertinent question as to how one could safeguard their account if the CEO of the said company became a scapegoat. Details from the probe indicate that Dorsey was a victim of SIM swapping, an old practice in which a hacker illegally pays a mobile carrier employee to switch a phone number to the hacker’s device. Twitter notified the users about the incidence in a follow up tweet on Friday night.
“The phone number associated with the account was compromised due to a security oversight by the mobile provider. This allowed an unauthorised person to compos and send tweets via text message from the phone number. That issue is now resolved.”
With this hacking approach, someone can bribe anyone with a thousand dollars in exchange for a SIM swap. Once the hacker is in control of the phone number associated with your Twitter account, they can text any tweet to Twitter’s number, 40404 and the tweet will be published to your account. The hacker will not need to verify their identification or password.
Twitter declined to comment about the possibility of making changes in its security practices following the CEO’s incident.
In this case, there is apparently no way to dodge a bullet from hackers if they were to use this feature. Even if you decide to shut down the ability to use text messages to send a tweet from your account is to permanently delete your phone number from Twitter. If you do this, you will automatically disable the two-factor authentication on your account.
However, there are still some things you can do to stay safe.
How To Protect Your Account
The easiest way to stay safe from hackers is to always have the two-factor authentication on. This is an additional verification step to confirm your identity beyond your regular password before you are able to log in. However, this doesn’t completely protect you from the claws of hackers.
Another step is to use the Google Authentication phone app. This model provides codes. A hacker would need to handle your phone before they can get the codes. You can also use a piece of hardware you can buy separately that generates codes. A hacker would also need to physically steal this to gain access into your account.
Until Twitter changes its security practices, those are the available options for you to safeguard your Twitter account.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
