One week after hackers commandeered dozens of high-profile Twitter accounts – including those of Joe Biden, Kim Kardashian and Barack Obama – former Twitter employees say that more than 1,000 staffers and contractors had access to the internal tools used in the breach.
The former workers, who are familiar with Twitter security practices, said that many people had such access, including staff at Cognizant Corp., the New Jersey-based IT services provider, Reuters reported.
“That sounds like there are too many people with access,” Edward Amoroso, former chief security officer at AT&T, told the news service. “In order to do cybersecurity right, you can’t forget the boring stuff.”
He suggested that staff responsibilities should have been divided, with each person's access limited to their own duties and more than one person required to agree on the most sensitive account changes, Reuters reported.
John Adams, a former Twitter security engineer, told the news outlet that accounts with more than 10,000 followers should require at least two people to change key settings.
The former employees said that since their departure, Twitter has improved the logging of employees’ activity in the wake of previous problems, including records searches by an employee who was accused last November of spying for the Saudi Arabian government.
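The two controls described above, dual approval for sensitive changes to high-follower accounts and a full audit trail of employee activity, can be sketched as a small authorization gateway in front of an internal support tool. The following is an added illustration, not Twitter's code or the former employees' proposal: the 10,000-follower threshold comes from the article, while the action names, operator names and sample accounts are constructed for the example.

```python
"""Dual-control gateway for sensitive account changes made through an
internal support tool. Added illustration; not Twitter's code."""
from dataclasses import dataclass, field
from datetime import datetime, timezone

# The 10,000-follower threshold is the figure quoted in the article; the
# action names are assumptions chosen for this example.
HIGH_PROFILE_FOLLOWERS = 10_000
SENSITIVE_ACTIONS = {"reset_password", "change_email", "disable_2fa"}


@dataclass
class Account:
    handle: str
    followers: int


@dataclass
class ChangeRequest:
    request_id: str
    account: Account
    action: str
    requester: str
    approvers: set = field(default_factory=set)


def required_people(account: Account, action: str) -> int:
    """Number of distinct operators who must agree before the change runs."""
    if action in SENSITIVE_ACTIONS and account.followers >= HIGH_PROFILE_FOLLOWERS:
        return 2
    return 1


class DualControlGateway:
    def __init__(self, operators: set):
        # Only operators whose duties include account changes are listed;
        # everyone else is denied before any policy evaluation (least privilege).
        self.operators = set(operators)
        self.pending: dict = {}
        self.audit_log: list = []

    def _log(self, event: str, req: ChangeRequest, actor: str) -> None:
        # Every attempt is recorded, denials included, so a compromised
        # operator account leaves a trail whether or not the change ran.
        self.audit_log.append({
            "ts": datetime.now(timezone.utc).isoformat(),
            "event": event,
            "request_id": req.request_id,
            "account": req.account.handle,
            "action": req.action,
            "actor": actor,
        })

    def submit(self, req: ChangeRequest) -> str:
        if req.requester not in self.operators:
            self._log("denied_unauthorized", req, req.requester)
            return "denied"
        req.approvers = {req.requester}
        self._log("submitted", req, req.requester)
        return self._advance(req)

    def approve(self, request_id: str, approver: str) -> str:
        req = self.pending.get(request_id)
        if req is None:
            return "unknown"
        if approver not in self.operators:
            self._log("denied_unauthorized", req, approver)
            return "denied"
        if approver in req.approvers:
            # The requester cannot approve their own request and nobody counts
            # twice, so one stolen credential cannot satisfy dual control.
            self._log("rejected_self_approval", req, approver)
            return "rejected"
        req.approvers.add(approver)
        self._log("approved", req, approver)
        return self._advance(req)

    def _advance(self, req: ChangeRequest) -> str:
        if len(req.approvers) >= required_people(req.account, req.action):
            self.pending.pop(req.request_id, None)
            self._log("executed", req, ",".join(sorted(req.approvers)))
            return "executed"
        self.pending[req.request_id] = req
        return "pending"


def demo() -> tuple:
    """Walk a high-profile and a low-profile request through the gateway."""
    gw = DualControlGateway({"alice", "bob"})
    vip = Account("@verified_vip", 2_000_000)   # constructed sample account
    small = Account("@small_account", 120)       # constructed sample account
    results = [
        gw.submit(ChangeRequest("r1", vip, "reset_password", "alice")),    # pending
        gw.approve("r1", "alice"),                                         # rejected
        gw.approve("r1", "mallory"),                                       # denied
        gw.approve("r1", "bob"),                                           # executed
        gw.submit(ChangeRequest("r2", small, "reset_password", "alice")),  # executed
    ]
    return results, gw.audit_log


if __name__ == "__main__":
    results, log = demo()
    print(results)
    for entry in log:
        print(entry)
```

The point of the design is that a single phished operator credential is not enough on its own: the second approver must be a different authorized person, and every attempt, including the ones that are denied, lands in the audit log where a detection rule can pick up unusual volumes of approvals or password resets on high-profile accounts.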
Last week, the FBI launched an investigation into what turned out to be the worst security breach in Twitter’s 14-year history. Investigators discovered that cybercriminals had committed alleged cryptocurrency fraud on July 15 after hackers seized control of the Twitter accounts of political figures, executives and celebrities.
From the hijacked accounts, the attackers posted tweets promoting a cryptocurrency scam, with similar tweets on celebrity accounts soliciting bitcoin donations sent to the verified profiles.
In response, Twitter posted: “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
A few days after the hack, Twitter said it believed the attackers had targeted certain Twitter employees through a social engineering scheme. The company noted that the attackers managed to manipulate a “small” number of employees and used their credentials to access Twitter’s internal systems and obtain confidential information.
The hackers used internal tools to target 130 Twitter accounts. Of that number, the attackers reset passwords, logged into the accounts and sent tweets from 45 of them.