SPONSORED:

Twitter lacked adequate cybersecurity protection ahead of July hacks, regulator says

Twitter lacked adequate cybersecurity protection ahead of July hacks, regulator says
© Getty

Twitter lacked adequate cybersecurity protection allowing for a 17-year-old to allegedly lead a mass hack of high-profile accounts in July using a “simple technique,” according to a report released Wednesday by a New York regulator. 

The New York State Department of Financial Services (DFS) is calling for social media companies to be designated “systemically important institutions,” like some banks were after the 2008 financial crisis, and subject to enhanced regulation. 

The report underscores the push for further protection by highlighting concerns that the cybersecurity vulnerabilities could lead to an election-related hacking attempt. 

ADVERTISEMENT

“The Hackers focused on classic fraud. But such a hack, when perpetrated by well-resourced adversaries, could wreak far greater damage by manipulating public perception about markets, elections, and more,” the report states. 

The report describes the hijack of high-profile accounts, including former President Obama, reality star Kim Kardashian WestKimberly (Kim) Noel Kardashian WestTrump grants clemency to five nonviolent offenders Hillicon Valley: Twitter lacked adequate cybersecurity protection ahead of July hacks, regulator says | Twitter, Facebook clamp down on New York Post article about Hunter Biden | YouTube bans COVID-19 vaccine misinformation Twitter lacked adequate cybersecurity protection ahead of July hacks, regulator says MORE and Amazon CEO Jeff BezosJeffrey (Jeff) Preston BezosBlue Origin takes one small step toward being a competitor to SpaceX Democrats question Amazon over reported interference of workers' rights to organize Hillicon Valley: Twitter lacked adequate cybersecurity protection ahead of July hacks, regulator says | Twitter, Facebook clamp down on New York Post article about Hunter Biden | YouTube bans COVID-19 vaccine misinformation MORE, as “jarringly easy for a teenager and his young associates” to execute. 

DFS said the hackers accessed Twitter’s systems by calling company employees and claiming to be from Twitter’s IT department. After duping four employees to give them their log-in credentials, the hackers hijacked the accounts of various politicians, celebrities and companies. 

The hackers tweeted “double your bitcoin” messages, with a link to send payments to bitcoins. They stole more $118,000 worth of bitcoins from consumers, according to DFS. 

A spokesperson for Twitter did not immediately respond to a request for comment.

ADVERTISEMENT

Twitter has previously revealed that hackers had manipulated employees into providing them back-end access to internal systems. 

New York Gov. Andrew CuomoAndrew CuomoRand Paul rips 'leftwing media' for focusing on COVID-19 cases: 'Mortality rates are plummeting' Trump aide accuses CNN's Chris Cuomo of breaking quarantine while COVID-19 positive in heated interview New York surpasses half a million COVID-19 cases MORE (D) had directed the investigation in July. The FBI also initiated an inquiry into the hacking.  

Florida prosecutors have alleged Graham Ivan Clark, a 17-year-old from Tampa, is behind the hack and he is being charged as an adult. Clark has pleaded not guilty.

Federal prosecutors have charged two others with related charges in a California federal court.