The simple phone scam was the key first step in Twitter hacking, which took over dozens of high-ranking accounts this summer, New York regulators say.
The hackers responsible for the July 15 attack called Twitter employees posing as the company’s IT employees and tricked them into giving up their login credentials for the social network’s internal tools, the state financial department said on Wednesday. services.
The findings were part of the agency̵
REP. KEN BUCK REQUESTS DOJ TO INVESTIGATE REMOVAL OF GREAT PROTECTION AFFAIRS AFTER CENSORING OF REAL ESTATE
“Given that Twitter is a publicly traded $ 37 billion technology company, it was surprising how easily hackers were able to break into Twitter and access internal tools that allowed them to take over each Twitter user’s account.” , regulators write in the report.
“In fact, hackers used basic techniques closer to those of the traditional scammer: phone calls pretending to be from Twitter’s information technology department,” they added.
The agency found no evidence that Twitter employees knowingly aided the hackers, and some of them reported suspicious calls to the company’s fraud monitoring team, the report said.
But government regulators have accused Twitter of lacking basic cybersecurity tools at the time of the attack, such as chief information security officer and “adequate access control and identity management,” measures required by the New York Cybersecurity Regulation.
TWITTER FOR PAYMENT OF $ 100,000 FOR VIOLATIONS OF CAMPAIGN FINANCING IN THE STATE
The report also calls for new provisions that would identify large social media companies as “systemically important”, similar to existing rules for major banks and other financial institutions.
“Social media platforms have quickly become a leading source of news and information, but no regulator has adequate oversight of their cybersecurity,” said Linda Lacewell, chief financial officer. “The fact that Twitter was vulnerable to a straightforward attack shows that self-regulation is not the answer. “
GET THE FOX BUSINESS, CLICK HERE
Twitter said it was cooperating with the state review and with law enforcement officials investigating the hack. Authorities have charged three people – including a teenager in Florida – with the incident.
The San Francisco-based company also announced efforts last month to tighten access to its internal tools and better track suspicious activity.
CLICK HERE TO READ MORE FOX BUSINESS STORIES
“Protecting the privacy and security of people is a top priority for Twitter and it is not a responsibility we take lightly,” a Twitter spokesman said in a statement. “… We are constantly investing in improvements to our teams and our technology that enable people to use Twitter safely. This work is constant and always evolving. “
This report first appeared in the New York Post.