Saturday, December 19, 2009

Twitter Hack Blamed on Faulty Email Security

Twitter's DNS records being compromised is being blamed on poor email security. Bad email security was the cause of another breach that exposed previously secret documents. This means that the fault lies squarely on Twitter, and they can not shift the blame to some third party service.

"A successful attack on Twitter early Friday morning is being blamed on Twitter’s own email security, as hackers were able to get access to an email account and change a password, then redirect traffic elsewhere.
Now Twitter’s DNS provider, Dyn Inc., has absolved itself of blame by claiming that the DNS records were changed by an authorized user: in other words, the attacker had the password to Twitter’s Dyn Inc account, logged in and changed the settings. That points to one likely cause: a Twitter administrator had their email security compromised, and a password reset request was made.

Twitter’s email security was also the cause of previous Twitter attacks: a breach of one staff member’s email account provided access.

No comments:

Post a Comment

Related Posts with Thumbnails

Like what you read; Subscribe/Fan/Follow